$NetBSD: patch-au,v 1.2.2.1 2006/10/29 16:47:58 ghen Exp $

# CVE-2006-4625

--- Zend/zend_ini.c.orig	2005-09-02 22:09:03.000000000 +0100
+++ Zend/zend_ini.c
@@ -256,7 +256,8 @@ ZEND_API int zend_restore_ini_entry(char
 	zend_ini_entry *ini_entry;
 	TSRMLS_FETCH();
 
-	if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE) {
+	if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE ||
+            (stage == ZEND_INI_STAGE_RUNTIME && (ini_entry->modifyable & ZEND_INI_USER) == 0)) {                return FAILURE;
 		return FAILURE;
 	}
 
