From cefdf00e7edf2a06e3413a733556f5f5e5d3980b Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Sun, 23 Feb 2025 09:36:05 +0000
Subject: [PATCH] Fix GH-17899: zend_test_compile_string crash on invalid
 script path.

when opcache is enabled.

close GH-17901
---
 NEWS                             |  2 ++
 ext/opcache/ZendAccelerator.c    |  7 ++++++-
 ext/zend_test/tests/gh17899.phpt | 34 ++++++++++++++++++++++++++++++++
 3 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 ext/zend_test/tests/gh17899.phpt

diff --git a/NEWS b/NEWS
index 2f542eef11a..71711936262 100644
--- a/NEWS
+++ b/NEWS
@@ -42,6 +42,8 @@ PHP                                                                        NEWS
   . Fixed bug GH-17654 (Multiple classes using same trait causes function
     JIT crash). (nielsdos)
   . Fixed bug GH-17577 (JIT packed type guard crash). (nielsdos, Dmitry)
+  . Fixed bug GH-17899 (zend_test_compile_string with invalid path
+    when opcache is enabled). (David Carlier)
 
 - PDO_SQLite:
   . Fixed GH-17837 ()::getColumnMeta() on unexecuted statement segfaults).
diff --git a/ext/opcache/ZendAccelerator.c b/ext/opcache/ZendAccelerator.c
index a71a512c03e..eac5cbbc41f 100644
--- a/ext/opcache/ZendAccelerator.c
+++ b/ext/opcache/ZendAccelerator.c
@@ -1334,7 +1334,12 @@ zend_string *accel_make_persistent_key(zend_string *str)
 		    EXPECTED((parent_script = zend_get_executed_filename_ex()) != NULL)) {
 
 			parent_script_len = ZSTR_LEN(parent_script);
-			while ((--parent_script_len > 0) && !IS_SLASH(ZSTR_VAL(parent_script)[parent_script_len]));
+			while (parent_script_len > 0) {
+				--parent_script_len;
+				if (IS_SLASH(ZSTR_VAL(parent_script)[parent_script_len])) {
+					break;
+				}
+			}
 
 			if (UNEXPECTED((size_t)(key_length + parent_script_len + 1) >= ZCG_KEY_LEN)) {
 				return NULL;
diff --git a/ext/zend_test/tests/gh17899.phpt b/ext/zend_test/tests/gh17899.phpt
new file mode 100644
index 00000000000..62862430460
--- /dev/null
+++ b/ext/zend_test/tests/gh17899.phpt
@@ -0,0 +1,34 @@
+--TEST--
+GH-17899 (zend_test_compile_string with opcache crash on invalid script path)
+--EXTENSIONS--
+zend_test
+--INI--
+opcache.enable_cli=1
+--CREDITS--
+YuanchengJiang
+--FILE--
+<?php
+$source = '<?php
+require("sumfile.php");
+?>';
+try {zend_test_compile_string($source,$source,$c);} catch (Exception $e) { echo($e); }
+--EXPECTF--
+
+Warning: Undefined variable $c in %s on line %d
+
+Deprecated: zend_test_compile_string(): Passing null to parameter #3 ($position) of type int is deprecated in %s on line %d
+
+Warning: require(sumfile.php): Failed to open stream: No such file or directory in <?php
+require("sumfile.php");
+?> on line %d
+
+Fatal error: Uncaught Error: Failed opening required 'sumfile.php' (include_path='.%s') in <?php
+require("sumfile.php");
+?>:%d
+Stack trace:
+#0 %s(%d): zend_test_compile_string('<?php\nrequire("...', '<?php\nrequire("...', NULL)
+#1 {main}
+  thrown in <?php
+require("sumfile.php");
+?> on line %d
+