From 2d52e47e487defc5b81183221f5a4071910b1ff8 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@php.net>
Date: Mon, 13 Feb 2006 12:19:10 +0000
Subject: [PATCH] Fixed bug #36205 (Memory leaks on duplicate cookies)

---
 NEWS                 | 1 +
 main/php_variables.c | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/NEWS b/NEWS
index 5eadb57d10..fd1a508f5e 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,7 @@ PHP 4                                                                      NEWS
 - Added a check for special characters in the session name. (Ilia)
 - Fixed bug #36242 (Possible memory corruption in stream_select()). (Tony)
 - Fixed bug #36223 (curl bypasses open_basedir restrictions). (Tony)
+- Fixed bug #36205 (Memory leaks on duplicate cookies). (Dmitry)
 - Fixed bug #36148 (unpack("H*hex", $data) is adding an extra character to the 
   end of the string). (Ilia)
 - Fixed bug #36017 (fopen() crashes PHP when opening a URL). (Tony)
diff --git a/main/php_variables.c b/main/php_variables.c
index 6cd5402253..eacb0a4425 100644
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -201,6 +201,7 @@ plain_var:
 					if (PG(http_globals)[TRACK_VARS_COOKIE] && symtable1 == Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) && 
 							zend_hash_find(symtable1, escaped_index, index_len+1, (void **) &tmp) != FAILURE) {
 						efree(escaped_index);
+						zval_ptr_dtor(&gpc_element);
 						break;
 					}
 					
@@ -209,6 +210,7 @@ plain_var:
 				} else {
 					if (PG(http_globals)[TRACK_VARS_COOKIE] && symtable1 == Z_ARRVAL_P(PG(http_globals)[TRACK_VARS_COOKIE]) && 
 							zend_hash_find(symtable1, index, index_len+1, (void **) &tmp) != FAILURE) {
+						zval_ptr_dtor(&gpc_element);
 						break;
 					}
 				
-- 
2.50.1