File php-CVE-2015-8835.patch of Package php5.openSUSE_Leap_42.1_Update
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 26 Jul 2015 23:44:18 +0000 (-0700)
Subject: Fix bug #70081: check types for SOAP variables
X-Git-Tag: php-5.4.44~17
X-Git-Url: https://72.52.91.13:4430/?p=php-src.git;a=commitdiff_plain;h=c96d08b27226193dd51f2b50e84272235c6aaa69
Fix bug #70081: check types for SOAP variables
---
Index: ext/soap/php_http.c
===================================================================
--- ext/soap/php_http.c.orig 2016-04-14 15:23:20.123256077 +0200
+++ ext/soap/php_http.c 2016-04-14 15:24:11.491256360 +0200
@@ -821,10 +821,11 @@
zend_hash_internal_pointer_reset(Z_ARRVAL_PP(cookies));
smart_str_append_const(&soap_headers, "Cookie: ");
for (i = 0; i < n; i++) {
+ ulong numindx;
+ int res = zend_hash_get_current_key(Z_ARRVAL_PP(cookies), &key, &numindx, FALSE);
zend_hash_get_current_data(Z_ARRVAL_PP(cookies), (void **)&data);
- zend_hash_get_current_key(Z_ARRVAL_PP(cookies), &key, NULL, FALSE);
- if (Z_TYPE_PP(data) == IS_ARRAY) {
+ if (res == HASH_KEY_IS_STRING && Z_TYPE_PP(data) == IS_ARRAY) {
zval** value;
if (zend_hash_index_find(Z_ARRVAL_PP(data), 0, (void**)&value) == SUCCESS &&