File php-CVE-2016-5094,5095.patch of Package php5

Index: php-5.6.1/ext/standard/html.c
===================================================================
--- php-5.6.1.orig/ext/standard/html.c	2014-10-01 11:17:38.000000000 +0200
+++ php-5.6.1/ext/standard/html.c	2016-06-01 07:00:57.004668159 +0200
@@ -1435,6 +1435,11 @@ encode_amp:
 	}
 	replaced[len] = '\0';
 	*newlen = len;
+	if(len > INT_MAX) {
+		zend_error_noreturn(E_ERROR, "Escaped string is too long");
+		efree(replaced);
+		return NULL;
+	}
 
 	return replaced;
 }
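Review bot: In the added `if(len > INT_MAX)` block, `efree(replaced);` and `return NULL;` come after `zend_error_noreturn(E_ERROR, ...)`, which, as its name suggests, does not return, so both lines look unreachable and the buffer is not released on this path by the code shown. If the free is intended, put it first: `efree(replaced); zend_error_noreturn(E_ERROR, "Escaped string is too long");`, and drop the dead `return NULL;` or mark it with a comment such as `/* not reached */`. The guard also sits after `replaced[len] = '\0';` and `*newlen = len;`, so the oversized length is already stored for the caller before it is rejected; moving the check above `*newlen = len;` would keep that value from being published if the error call ever became a returning one. The function body starts outside this hunk, so the type of `len` (presumably `size_t`) and the way callers narrow `*newlen` should be confirmed against the full file.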