From b735a4419c1e796520b395a2aa0b6943d9157b73 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Wed, 3 Aug 2016 22:37:57 -0700
Subject: [PATCH] Fix bug #72708 - php_snmp_parse_oid integer overflow in
 memory allocation

(cherry picked from commit c3f6d6da100c6451a540680504de4105b8bed83c)

Conflicts:
	ext/snmp/snmp.c
	main/php_version.h
---
 ext/snmp/snmp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/snmp/snmp.c b/ext/snmp/snmp.c
index 7b685ff5dc..63e8095ed7 100644
--- a/ext/snmp/snmp.c
+++ b/ext/snmp/snmp.c
@@ -1011,7 +1011,7 @@ static int php_snmp_parse_oid(zval *object, int st, struct objid_query *objid_qu
 			php_error_docref(NULL, E_WARNING, "Got empty OID array");
 			return FALSE;
 		}
-		objid_query->vars = (snmpobjarg *)emalloc(sizeof(snmpobjarg) * zend_hash_num_elements(Z_ARRVAL_P(oid)));
+		objid_query->vars = (snmpobjarg *)safe_emalloc(sizeof(snmpobjarg), zend_hash_num_elements(Z_ARRVAL_P(oid)), 0);
 		if (objid_query->vars == NULL) {
 			php_error_docref(NULL, E_WARNING, "emalloc() failed while parsing oid array: %s", strerror(errno));
 			efree(objid_query->vars);
-- 
2.40.0