From 54ecf57fe290f69a2112d4c2ea3a1e99208e2797 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Mon, 17 Feb 2020 12:48:55 +0300
Subject: [PATCH] Disable instantiation of zero size FFI\CData objects

---
 ext/ffi/ffi.c          | 6 ++++++
 ext/ffi/tests/023.phpt | 8 ++++++--
 ext/ffi/tests/027.phpt | 2 +-
 ext/ffi/tests/045.phpt | 2 +-
 4 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/ext/ffi/ffi.c b/ext/ffi/ffi.c
index f43ba2adc8d..d99448dd69f 100644
--- a/ext/ffi/ffi.c
+++ b/ext/ffi/ffi.c
@@ -3685,6 +3685,12 @@ ZEND_METHOD(FFI, new) /* {{{ */
 		}
 	}
 
+	if (type->size == 0) {
+		zend_throw_error(zend_ffi_exception_ce, "Cannot instantiate FFI\\CData of zero size");
+		zend_ffi_type_dtor(type_ptr);
+		return;
+	}
+
 	ptr = pemalloc(type->size, flags & ZEND_FFI_FLAG_PERSISTENT);
 	memset(ptr, 0, type->size);
 
diff --git a/ext/ffi/tests/023.phpt b/ext/ffi/tests/023.phpt
index 37036203906..920a3bee3ec 100644
--- a/ext/ffi/tests/023.phpt
+++ b/ext/ffi/tests/023.phpt
@@ -6,13 +6,17 @@ FFI 023: GCC struct extensions
 ffi.enable=1
 --FILE--
 <?php
-	var_dump(FFI::sizeof(FFI::new("struct {}")));
+	try {
+		var_dump(FFI::sizeof(FFI::new("struct {}")));
+	} catch (Throwable $e) {
+		echo get_class($e) . ": " . $e->getMessage() . "\n";
+	}
 	var_dump(FFI::sizeof(FFI::new("struct {int a}")));
 	var_dump(FFI::sizeof(FFI::new("struct {int a; int b}")));
 ?>
 ok
 --EXPECT--
-int(0)
+FFI\Exception: Cannot instantiate FFI\CData of zero size
 int(4)
 int(8)
 ok
diff --git a/ext/ffi/tests/027.phpt b/ext/ffi/tests/027.phpt
index 14c51f77e42..6e3e76204b6 100644
--- a/ext/ffi/tests/027.phpt
+++ b/ext/ffi/tests/027.phpt
@@ -81,7 +81,7 @@ FFI\ParserException: '[*]' not allowed in other than function prototype scope at
 FFI\ParserException: '[*]' not allowed in other than function prototype scope at line 1
 FFI\ParserException: '[*]' not allowed in other than function prototype scope at line 1
 ok
-int(0)
+FFI\Exception: Cannot instantiate FFI\CData of zero size
 FFI\ParserException: '[]' not allowed at line 1
 FFI\ParserException: '[]' not allowed at line 1
 ok
diff --git a/ext/ffi/tests/045.phpt b/ext/ffi/tests/045.phpt
index 7118df9eb7b..b73c38aefb5 100644
--- a/ext/ffi/tests/045.phpt
+++ b/ext/ffi/tests/045.phpt
@@ -26,4 +26,4 @@ bool(false)
 
 Warning: FFI::isNull() expects parameter 1 to be FFI\CData, null given in %s045.php on line %d
 NULL
-FFI\Exception: FFI\Cdata is not a pointer
+FFI\Exception: Cannot instantiate FFI\CData of zero size