Merge branch 'PHP-8.4' into PHP-8.5

LamentXU123 · LamentXU123 · commit acbe0d26847d · 2026-06-22T13:21:45.000+08:00
* PHP-8.4: ext/intl: Fix double construction leaks (php#22386)
diff --git a/NEWS b/NEWS
@@ -48,6 +48,8 @@ PHP                                                                        NEWS
     for invalid display types. (Weilin Du)
   . Fixed Locale::lookup() and locale_lookup() to return NULL instead of the
     fallback locale when a language tag cannot be canonicalized. (Weilin Du)
+  . Fixed memory leaks when calling Collator::__construct() or
+    Spoofchecker::__construct() twice. (Weilin Du)
 
 - Opcache:
   . Fixed bug GH-22265 (Another tailcall vm_interrupt bug). (Levi Morrison)
diff --git a/ext/intl/collator/collator_create.c b/ext/intl/collator/collator_create.c
@@ -37,6 +37,10 @@ static int collator_ctor(INTERNAL_FUNCTION_PARAMETERS)
 
 	INTL_CHECK_LOCALE_LEN_OR_FAILURE(locale_len);
 	COLLATOR_METHOD_FETCH_OBJECT;
+	if (co->ucoll) {
+		zend_throw_error(NULL, "Collator object is already constructed");
+		return FAILURE;
+	}
 
 	if(locale_len == 0) {
 		locale = (char *)intl_locale_get_default();
diff --git a/ext/intl/spoofchecker/spoofchecker_create.c b/ext/intl/spoofchecker/spoofchecker_create.c
@@ -31,6 +31,12 @@ PHP_METHOD(Spoofchecker, __construct)
 	ZEND_PARSE_PARAMETERS_NONE();
 
 	SPOOFCHECKER_METHOD_FETCH_OBJECT_NO_CHECK;
+	if (co->uspoof) {
+		zend_throw_error(NULL, "Spoofchecker object is already constructed");
+		RETURN_THROWS();
+	}
+
+	zend_replace_error_handling(EH_THROW, IntlException_ce_ptr, &error_handling);
 
 	co->uspoof = uspoof_open(SPOOFCHECKER_ERROR_CODE_P(co));
 	if (U_FAILURE(INTL_DATA_ERROR_CODE(co))) {
diff --git a/ext/intl/tests/collator_double_ctor.phpt b/ext/intl/tests/collator_double_ctor.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Collator double construction should not be allowed
+--EXTENSIONS--
+intl
+--FILE--
+<?php
+$collator = new Collator('en_US');
+
+try {
+    $collator->__construct('en_US');
+} catch (Error $e) {
+    echo $e->getMessage(), "\n";
+}
+?>
+--EXPECT--
+Collator object is already constructed
diff --git a/ext/intl/tests/spoofchecker_double_ctor.phpt b/ext/intl/tests/spoofchecker_double_ctor.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Spoofchecker double construction should not be allowed
+--EXTENSIONS--
+intl
+--SKIPIF--
+<?php if (!class_exists("Spoofchecker")) print "skip"; ?>
+--FILE--
+<?php
+$checker = new Spoofchecker();
+
+try {
+    $checker->__construct();
+} catch (Error $e) {
+    echo $e->getMessage(), "\n";
+}
+?>
+--EXPECT--
+Spoofchecker object is already constructed
