File php-CVE-2015-6836.patch of Package php5.openSUSE_Leap_42.1_Update
X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fsoap%2Fsoap.c;h=a0e64a39001e9bba76ff7ee945ae51d38ef9d4e5;hp=1b8f545b85518504fe40848a8a90b74a8cefaadf;hb=e201f01ac17243a1e5fb6a3911ed8e21b1619ac1;hpb=f9c2bf73adb2ede0a486b0db466c264f2b27e0bb
Index: ext/soap/soap.c
===================================================================
--- ext/soap/soap.c.orig 2015-09-15 12:10:31.205575121 +0200
+++ ext/soap/soap.c 2015-09-15 12:10:48.787810174 +0200
@@ -2930,8 +2930,10 @@
}
zend_hash_internal_pointer_reset(default_headers);
while (zend_hash_get_current_data(default_headers, (void**)&tmp) == SUCCESS) {
- Z_ADDREF_PP(tmp);
- zend_hash_next_index_insert(soap_headers, tmp, sizeof(zval *), NULL);
+ if(Z_TYPE_PP(tmp) == IS_OBJECT) {
+ Z_ADDREF_PP(tmp);
+ zend_hash_next_index_insert(soap_headers, tmp, sizeof(zval *), NULL);
+ }
zend_hash_move_forward(default_headers);
}
} else {
@@ -4353,11 +4355,18 @@
if (head) {
zval** header;
- zend_hash_internal_pointer_reset(soap_headers);
- while (zend_hash_get_current_data(soap_headers,(void**)&header) == SUCCESS) {
- HashTable *ht = Z_OBJPROP_PP(header);
+ for(zend_hash_internal_pointer_reset(soap_headers);
+ zend_hash_get_current_data(soap_headers,(void**)&header) == SUCCESS;
+ zend_hash_move_forward(soap_headers)
+ ) {
+ HashTable *ht;
zval **name, **ns, **tmp;
+ if (Z_TYPE_PP(header) != IS_OBJECT) {
+ continue;
+ }
+
+ ht = Z_OBJPROP_PP(header);
if (zend_hash_find(ht, "name", sizeof("name"), (void**)&name) == SUCCESS &&
Z_TYPE_PP(name) == IS_STRING &&
zend_hash_find(ht, "namespace", sizeof("namespace"), (void**)&ns) == SUCCESS &&
@@ -4396,7 +4405,6 @@
xmlSetNs(h, nsptr);
set_soap_header_attributes(h, ht, version);
}
- zend_hash_move_forward(soap_headers);
}
}