From 4833b84854bee04be09983ade42b6e25446cfbbc Mon Sep 17 00:00:00 2001
From: Derick Rethans <github@derickrethans.nl>
Date: Wed, 9 Aug 2023 10:19:10 +0100
Subject: [PATCH] Fix GH-11416: Crash with DatePeriod when uninitialised
 objects are passed in

---
 NEWS                            |  4 ++++
 ext/date/php_date.c             |  6 ++++++
 ext/date/tests/bug-gh11416.phpt | 28 ++++++++++++++++++++++++++++
 3 files changed, 38 insertions(+)
 create mode 100644 ext/date/tests/bug-gh11416.phpt

diff --git a/NEWS b/NEWS
index 071cf71a821..8057a9cf0a7 100644
--- a/NEWS
+++ b/NEWS
@@ -11,6 +11,10 @@ PHP                                                                        NEWS
 - Core:
   . Fixed strerror_r detection at configuration time. (Kévin Dunglas)
 
+- Date:
+  . Fixed bug GH-11416: Crash with DatePeriod when uninitialised objects
+    are passed in. (Derick)
+
 - DOM:
   . Fix DOMEntity field getter bugs. (nielsdos)
   . Fix incorrect attribute existence check in DOMElement::setAttributeNodeNS.
diff --git a/ext/date/php_date.c b/ext/date/php_date.c
index 7b0f223f92f..fe58eba5c89 100644
--- a/ext/date/php_date.c
+++ b/ext/date/php_date.c
@@ -4338,6 +4338,12 @@ PHP_METHOD(DatePeriod, __construct)
 		}
 		dpobj->start_ce = date_ce_date;
 	} else {
+		/* check initialisation */
+		DATE_CHECK_INITIALIZED(Z_PHPDATE_P(start)->time, DateTimeInterface);
+		if (end) {
+			DATE_CHECK_INITIALIZED(Z_PHPDATE_P(end)->time, DateTimeInterface);
+		}
+
 		/* init */
 		php_interval_obj *intobj = Z_PHPINTERVAL_P(interval);
 
diff --git a/ext/date/tests/bug-gh11416.phpt b/ext/date/tests/bug-gh11416.phpt
new file mode 100644
index 00000000000..f3746fa6ca6
--- /dev/null
+++ b/ext/date/tests/bug-gh11416.phpt
@@ -0,0 +1,28 @@
+--TEST--
+Bug GH-11416: Crash with DatePeriod when uninitialised objects are passed in
+--INI--
+date.timezone=UTC
+--FILE--
+<?php
+$now = new DateTimeImmutable();
+
+$date = (new ReflectionClass(DateTime::class))->newInstanceWithoutConstructor();
+try {
+	new DatePeriod($date, new DateInterval('P1D'), 2);
+} catch (Error $e) {
+	echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+$date = (new ReflectionClass(DateTime::class))->newInstanceWithoutConstructor();
+try {
+	new DatePeriod($now, new DateInterval('P1D'), $date);
+} catch (Error $e) {
+	echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+echo "OK\n";
+?>
+--EXPECT--
+Error: The DateTimeInterface object has not been correctly initialized by its constructor
+Error: The DateTimeInterface object has not been correctly initialized by its constructor
+OK