File php-CVE-2015-6837,6838.patch of Package php5

Overview Repositories Revisions Requests Users Attributes Meta

File php-CVE-2015-6837,6838.patch of Package php5

X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fxsl%2Fxsltprocessor.c;h=d21a8ebcb70c08e8a69f0395b42ee850112e846a;hp=67c90f501f1b9a89d72756537d76e3266ddb8a21;hb=1744be2d17befc69bf00033993f4081852a747d6;hpb=b221df5549533fe04c151cca85be43eb624a643d
Index: ext/xsl/xsltprocessor.c
===================================================================
--- ext/xsl/xsltprocessor.c.orig	2015-09-15 14:35:26.704389342 +0200
+++ ext/xsl/xsltprocessor.c	2015-09-15 14:36:04.238895016 +0200
@@ -219,15 +219,17 @@
 			}
 		}
 	}
-	
+
 	if (error == 1) {
 		for (i = nargs - 1; i >= 0; i--) {
 			obj = valuePop(ctxt);
-			xmlXPathFreeObject(obj);
+                       if (obj) {
+                               xmlXPathFreeObject(obj);
+                       }
 		}
 		return;
 	}
-		
+
 	fci.param_count = nargs - 1;
 	if (fci.param_count > 0) {
 		fci.params = safe_emalloc(fci.param_count, sizeof(zval**), 0);
@@ -297,14 +299,16 @@
 		xmlXPathFreeObject(obj);
 		fci.params[i] = &args[i];
 	}
-	
+
 	fci.size = sizeof(fci);
 	fci.function_table = EG(function_table);
-	
+
 	obj = valuePop(ctxt);
-	if (obj->stringval == NULL) {
-		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Handler name must be a string");
-		xmlXPathFreeObject(obj);
+       if (obj == NULL || obj->stringval == NULL) {
+               if (obj) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Handler name must be a string");
+                       xmlXPathFreeObject(obj);
+               }
 		valuePush(ctxt, xmlXPathNewString(""));
 		if (fci.param_count > 0) {
 			for (i = 0; i < nargs - 1; i++) {

Places

File php-CVE-2015-6837,6838.patch of Package php5

Places