From 2b90acb4691b5b4a87eb42ae05e4c18e118659c5 Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker"
Date: Sun, 22 Sep 2024 19:44:39 +0200
Subject: [PATCH] Fix GH-15986: Double-free due to Pdo\Pgsql::setNoticeCallback()

We need to release the fcall info cache instead of destroying it.

Closes GH-15987.
---
 NEWS | 4 ++++
 ext/pdo_pgsql/pdo_pgsql.c | 4 +---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index d4fcd6a2eab..852504d4e7e 100644
--- a/NEWS
+++ b/NEWS
@@ -30,6 +30,10 @@ PHP NEWS
 - PCRE:
 . Fix UAF issues with PCRE after request shutdown. (nielsdos)
 
+- PDO_PGSQL:
+ . Fixed GH-15986 (Double-free due to Pdo\Pgsql::setNoticeCallback()). (cmb,
+ nielsdos)
+
 - Reflection:
 . Add missing ReflectionProperty::hasHook[s]() methods. (ilutov)
 . Add missing ReflectionProperty::isFinal() method. (ilutov)
diff --git a/ext/pdo_pgsql/pdo_pgsql.c b/ext/pdo_pgsql/pdo_pgsql.c
index caa2caee54d..877b751a850 100644
--- a/ext/pdo_pgsql/pdo_pgsql.c
+++ b/ext/pdo_pgsql/pdo_pgsql.c
@@ -169,9 +169,7 @@ PHP_METHOD(Pdo_Pgsql, setNoticeCallback)
 return;
 
 cleanup:
- if (ZEND_FCC_INITIALIZED(fcc)) {
- zend_fcc_dtor(&fcc);
- }
+ zend_release_fcall_info_cache(&fcc);
 RETURN_THROWS();
 }
 
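Review bot: The `cleanup:` label in `PHP_METHOD(Pdo_Pgsql, setNoticeCallback)` now calls `zend_release_fcall_info_cache(&fcc);` with no comment saying why release rather than destroy is correct there, so a later tidy-up could easily put `zend_fcc_dtor()` back and reintroduce the double free named in the commit title. I would add a short comment above the call, for example `/* fcc is as parsed and was never addref'd or duplicated here: release it, do not zend_fcc_dtor() it */`; the parameter parsing sits outside the hunk, so that ownership claim is inferred and should be confirmed against the top of the function. The diffstat lists only NEWS and pdo_pgsql.c, so no regression test accompanies this memory-safety fix; a `.phpt` that drives the method down its error path, ideally run under a memory checker, would pin the behaviour. The method body starts before the hunk.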