1 files changed, 4 insertions, 0 deletions

diff --git a/main/php_variables.c b/main/php_variables.c
index 668015f7f8..556a323219 100644
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -212,9 +212,11 @@ SAPI_API SAPI_POST_HANDLER_FUNC(php_std_post_handler)
 			*val++ = '\0';
 			php_url_decode(var, strlen(var));
 			val_len = php_url_decode(val, strlen(val));
+			val = estrndup(val, val_len);
 			if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
 				php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
 			}
+			efree(val);
 		}
 		var = php_strtok_r(NULL, "&", &strtok_buf);
 	}
@@ -310,9 +312,11 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data)
 			*val++ = '\0';
 			php_url_decode(var, strlen(var));
 			val_len = php_url_decode(val, strlen(val));
+			val = estrndup(val, val_len);
 			if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
 				php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
 			}
+			efree(val);
 		} else {
 			php_url_decode(var, strlen(var));
 			php_register_variable_safe(var, "", 0, array_ptr TSRMLS_CC);