File php-CVE-2014-3587.patch of Package php5.openSUSE_Leap_42.1_Update
--- php-5.3.17/ext/fileinfo/libmagic/cdf.c +++ php-5.3.17/ext/fileinfo/libmagic/cdf.c @@ -820,6 +820,10 @@ cdf_read_property_info(const cdf_stream_ q = (const uint8_t *)(const void *) ((const char *)(const void *)p + ofs - 2 * sizeof(uint32_t)); + if (q < p) { + DPRINTF(("Wrapped around %p < %p\n", q, p)); + goto out; + } if (q > e) { DPRINTF(("Ran of the end %p > %p\n", q, e)); goto out;