$NetBSD: patch-ab,v 1.1.2.2 2006/10/29 16:47:58 ghen Exp $

# CVE-2006-4625

--- Zend/zend_ini.c.orig	2006-01-04 23:53:04.000000000 +0000
+++ Zend/zend_ini.c
@@ -256,8 +256,8 @@ ZEND_API int zend_restore_ini_entry(char
 	zend_ini_entry *ini_entry;
 	TSRMLS_FETCH();
 
-	if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE) {
-		return FAILURE;
+	if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE ||
+	    (stage == ZEND_INI_STAGE_RUNTIME && (ini_entry->modifiable & ZEND_INI_USER) == 0)) { 		return FAILURE;
 	}
 
 	zend_restore_ini_entry_cb(ini_entry, stage TSRMLS_CC);
