File php-CVE-2015-2787.patch of Package php5.openSUSE_Leap_42.1_Update
https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d --- ext/standard/var_unserializer.re +++ ext/standard/var_unserializer.re @@ -353,6 +353,7 @@ static inline int process_nested_data(UNSERIALIZE_PARAMETER, HashTable *ht, long zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, sizeof data, NULL); } + var_push_dtor(var_hash, &data); zval_dtor(key); FREE_ZVAL(key);