ex/stand/var_unsirizer.c中的对象_common1函数5.6.30前、7.0.x7.0.15前和7.1.x7.1.1前允许远程攻击者通过编译串行数据拒绝服务(缓冲超读应用崩溃)
http://php.net/ChangeLog-5.php
http://php.net/ChangeLog-7.php
https://access.redhat.com/errata/RHSA-2018:1296
https://bugs.php.net/bug.php?id=73825
https://github.com/php/php-src/commit/16b3003ffc6393e250f069aa28a78dc5a2c064b2
https://security.gentoo.org/glsa/201702-29
https://security.netapp.com/advisory/ntap-20180112-0001/
//www.yyueer.com/security/tns-2017-04