File php-5.2.14-CVE-2012-1823.patch of Package php-5.2.17

CVE-2012-1823
https://bugs.php.net/patch-display.php?bug=61910&patch=cgi.diff&revision=1335984315
plus 
CVE-2012-2311 
https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=latest
Index: sapi/cgi/cgi_main.c
===================================================================
--- sapi/cgi/cgi_main.c.orig
+++ sapi/cgi/cgi_main.c
@@ -62,6 +62,7 @@
 #include "php_main.h"
 #include "fopen_wrappers.h"
 #include "ext/standard/php_standard.h"
+#include "ext/standard/url.h"
 #ifdef PHP_WIN32
 #include <io.h>
 #include <fcntl.h>
@@ -1354,6 +1355,10 @@ int main(int argc, char *argv[])
 	int status = 0;
 #endif
 #endif /* PHP_FASTCGI */
+ 
+        char *query_string;
+        char *decoded_query_string;
+        int skip_getopt = 0;
 
 #if 0 && defined(PHP_DEBUG)
 	/* IIS is always making things more difficult.  This allows
@@ -1408,7 +1413,16 @@ int main(int argc, char *argv[])
 	}
 #endif
 
-	while ((c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0)) != -1) {
+       if(query_string = getenv("QUERY_STRING")) {
+               decoded_query_string = strdup(query_string);
+               php_url_decode(decoded_query_string, strlen(decoded_query_string));
+               if(*decoded_query_string == '-' && strchr(query_string, '=') == NULL) {
+                       skip_getopt = 1;
+               }
+               free(decoded_query_string);
+       }
+
+       while (!skip_getopt && (c = php_getopt(argc, argv, OPTIONS, &php_optarg, &php_optind, 0)) != -1) {
 		switch (c) {
 			case 'c':
 				if (cgi_sapi_module.php_ini_path_override) {