Overview

File php-CVE-2016-5772.patch of Package php5.openSUSE_Leap_42.1_Update

Index: php-5.6.1/ext/wddx/wddx.c
===================================================================
--- php-5.6.1.orig/ext/wddx/wddx.c	2016-06-27 09:19:32.012569582 +0200
+++ php-5.6.1/ext/wddx/wddx.c	2016-06-27 09:19:58.036988977 +0200
@@ -1101,6 +1101,9 @@ static void php_wddx_process_data(void *
 				break;
 
 			case ST_BOOLEAN:
+                               if(!ent->data) {
+                                       break;
+                               }
 				if (!strcmp(s, "true")) {
 					Z_LVAL_P(ent->data) = 1;
 				} else if (!strcmp(s, "false")) {
@@ -1109,6 +1112,7 @@ static void php_wddx_process_data(void *
 					zval_ptr_dtor(&ent->data);
 					if (ent->varname) {
 						efree(ent->varname);
+                                               ent->varname = NULL;
 					}
 					ent->data = NULL;
 				}
openSUSE Build Service is sponsored by
Places