Search
j0ke.net Open Build Service
>
Projects
>
internetx
:
php5
>
php-5.3.29
> php-CVE-2014-8142.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File php-CVE-2014-8142.patch of Package php-5.3.29
http://git.php.net/?p=php-src.git;a=commitdiff;h=630f9c33c23639de85c3fd306b209b538b73b4c9 index 7afef6a..4cf1d10 100644 --- ext/standard/var_unserializer.re +++ ext/standard/var_unserializer.re @@ -347,6 +347,9 @@ static inline int process_nested_data(UNSERIALIZE_PARAMETER, HashTable *ht, long } else { /* object properties should include no integers */ convert_to_string(key); + if (zend_symtable_find(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, (void **)&old_data)==SUCCESS) { + var_push_dtor(var_hash, old_data); + } zend_hash_update(ht, Z_STRVAL_P(key), Z_STRLEN_P(key) + 1, &data, sizeof data, NULL); }
