File php-CVE-2016-6288.patch of Package php5.openSUSE_Leap_42.1_Update
Index: php-5.6.1/ext/standard/url.c
===================================================================
--- php-5.6.1.orig/ext/standard/url.c 2016-08-03 14:35:09.781465686 +0200
+++ php-5.6.1/ext/standard/url.c 2016-08-03 14:38:09.568392121 +0200
@@ -321,7 +321,7 @@ PHPAPI php_url *php_url_parse_ex(char co
nohost:
if ((p = memchr(s, '?', (ue - s)))) {
- pp = strchr(s, '#');
+ pp = memchr(s, '#', (ue - s));
if (pp && pp < p) {
if (pp - s) {