File php7-CVE-2020-7070.patch of Package php7.21626

Index: php-7.4.6/main/php_variables.c
===================================================================
--- php-7.4.6.orig/main/php_variables.c	2020-10-09 10:18:38.836809981 +0200
+++ php-7.4.6/main/php_variables.c	2020-10-09 10:19:30.105107183 +0200
@@ -514,7 +514,9 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_defaul
 		}
 
 		val = estrndup(val, val_len);
-		php_url_decode(var, strlen(var));
+		if (arg != PARSE_COOKIE) {
+			php_url_decode(var, strlen(var));
+		}
 		if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) {
 			php_register_variable_safe(var, val, new_val_len, &array);
 		}

Places

File php7-CVE-2020-7070.patch of Package php7.21626

Places