From f1486f0fd63e888028e625a5ae02f10cc729c4c7 Mon Sep 17 00:00:00 2001
From: Stanislav Malyshev <stas@php.net>
Date: Sun, 7 Aug 2016 16:26:52 -0700
Subject: [PATCH] Fix bug #72750: wddx_deserialize null dereference

(cherry picked from commit 6930a1d12c47aa1d2675837852910d177b0ceb11)

Conflicts:
	ext/wddx/wddx.c
---
 ext/wddx/tests/bug72750.phpt | 34 ++++++++++++++++++++++++++++++++++
 ext/wddx/wddx.c              |  6 +++++-
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 ext/wddx/tests/bug72750.phpt

diff --git a/ext/wddx/tests/bug72750.phpt b/ext/wddx/tests/bug72750.phpt
new file mode 100644
index 0000000000..3a6794df28
--- /dev/null
+++ b/ext/wddx/tests/bug72750.phpt
@@ -0,0 +1,34 @@
+--TEST--
+Bug #72750: wddx_deserialize null dereference
+--SKIPIF--
+<?php
+if (!extension_loaded('wddx')) {
+    die('skip. wddx not available');
+}
+?>
+--FILE--
+<?php
+
+$xml = <<< XML
+<?xml version='1.0'?>
+<!DOCTYPE wddxPacket SYSTEM 'wddx_0100.dtd'>
+<wddxPacket version='1.0'>
+<header/>
+        <data>
+                <struct>
+                     <var name='aBinary'>
+                         <binary length='11'>\\tYmluYXJRhdGE=</binary>
+                     </var>
+                 </struct>
+        </data>
+</wddxPacket>
+XML;
+
+$array = wddx_deserialize($xml);
+var_dump($array);
+?>
+--EXPECT--
+array(1) {
+  ["aBinary"]=>
+  string(0) ""
+}
diff --git a/ext/wddx/wddx.c b/ext/wddx/wddx.c
index 11cf0be62e..40b41ba373 100644
--- a/ext/wddx/wddx.c
+++ b/ext/wddx/wddx.c
@@ -897,7 +897,11 @@ static void php_wddx_pop_element(void *user_data, const XML_Char *name)
 			zend_string *new_str = php_base64_decode(
 				(unsigned char *)Z_STRVAL(ent1->data), Z_STRLEN(ent1->data));
 			zval_ptr_dtor(&ent1->data);
-			ZVAL_STR(&ent1->data, new_str);
+			if (new_str) {
+				ZVAL_STR(&ent1->data, new_str);
+			} else {
+				ZVAL_EMPTY_STRING(&ent1->data);
+			}
 		}
 
 		/* Call __wakeup() method on the object. */
-- 
2.40.0