File php-CVE-2014-8142.patch of Package php5.openSUSE_Leap_42.1_Update
http://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9
index 7afef6a..4cf1d10 100644
--- ext/standard/var_unserializer.re
+++ ext/standard/var_unserializer.re
@@ -347,6 +347,9 @@ static inline int process_nested_data(UNSERIALIZE_PARAMETER, HashTable *ht, long
} else {
/* object properties should include no integers */
convert_to_string(key);
+ if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) {
+ var_push_dtor(var_hash, old_data);
+ }
zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data,
sizeof data, NULL);
}