File php-5.1.2-CVE-2007-0906-str_replace.patch of Package php
--- ext/standard/string.c
+++ ext/standard/string.c
@@ -3036,7 +3036,7 @@
}
Z_STRLEN_P(result) = len + (char_count * (to_len - 1));
- Z_STRVAL_P(result) = target = emalloc(Z_STRLEN_P(result) + 1);
+ Z_STRVAL_P(result) = target = safe_emalloc(char_count, to_len, len + 1);
Z_TYPE_P(result) = IS_STRING;
for (source = str; source < source_end; source++) {
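Review bot: The length stored by `Z_STRLEN_P(result) = len + (char_count * (to_len - 1));` is still computed with unchecked arithmetic on the line just above the new `safe_emalloc` call, so only the allocation size is overflow-checked. If these operands are plain `int` (their declarations are outside the hunk), a large `char_count * to_len` product could pass the allocator's check on a 64-bit build yet leave a wrapped value in the result's length field, which later consumers of the zval would trust. A range check before that assignment, e.g. `if (to_len > 1 && char_count > (INT_MAX - len) / (to_len - 1))` followed by the function's normal error path, would close that gap. The new line also deserves a comment such as `/* over-allocates by char_count bytes: char_count*to_len + len + 1 >= Z_STRLEN_P(result) + 1 */`, since the buffer size no longer matches the stored length. The enclosing function starts and ends outside the hunk.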