From bec6bca2de5aaf1a1b186722901dc75ec1529fea Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Sat, 15 Oct 2016 10:17:16 +0200
Subject: PHP 5.5.38 with 15 security fix from 5.6.27

---
 bug73150.patch | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 bug73150.patch

(limited to 'bug73150.patch')

diff --git a/bug73150.patch b/bug73150.patch
new file mode 100644
index 0000000..0482167
--- /dev/null
+++ b/bug73150.patch
@@ -0,0 +1,37 @@
+Backported from 5.6.27 by Remi.
+
+
+From 1c0e9126fbfb7fde3173347b7464237f56c38bfa Mon Sep 17 00:00:00 2001
+From: Stanislav Malyshev <stas@php.net>
+Date: Sun, 25 Sep 2016 21:25:01 -0700
+Subject: [PATCH] Fix bug #73150: missing NULL check in dom_document_save_html
+
+---
+ ext/dom/document.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/ext/dom/document.c b/ext/dom/document.c
+index d33aaf1..1970c38 100644
+--- a/ext/dom/document.c
++++ b/ext/dom/document.c
+@@ -1853,7 +1853,7 @@ PHP_FUNCTION(dom_document_savexml)
+ 		if (options & LIBXML_SAVE_NOEMPTYTAG) {
+ 			xmlSaveNoEmptyTags = saveempty;
+ 		}
+-		if (!size) {
++		if (!size || !mem) {
+ 			RETURN_FALSE;
+ 		}
+ 		RETVAL_STRINGL(mem, size, 1);
+@@ -2388,7 +2388,7 @@ PHP_FUNCTION(dom_document_save_html)
+ #else
+ 		htmlDocDumpMemory(docp, &mem, &size);
+ #endif
+-		if (!size) {
++		if (!size || !mem) {
+ 			RETVAL_FALSE;
+ 		} else {
+ 			RETVAL_STRINGL((const char*) mem, size, 1);
+-- 
+2.1.4
+
-- 
cgit