From 416386acc4fb9e60b7fab074d27b75009f79cb66 Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Sat, 11 Oct 2025 12:56:10 +0200
Subject: [PATCH] Fix memory leak in phar_parse_zipfile() error handling

Closes GH-20134.
---
 NEWS           | 1 +
 ext/phar/zip.c | 9 ++++++---
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index 5d0a74f885f..6f764b0c853 100644
--- a/NEWS
+++ b/NEWS
@@ -18,6 +18,7 @@ PHP                                                                        NEWS
 - Phar:
   . Fix memory leak of argument in webPhar. (nielsdos)
   . Fix memory leak when setAlias() fails. (nielsdos)
+  . Fix memory leak in phar_parse_zipfile() error handling. (nielsdos)
 
 - Random:
   . Fix Randomizer::__serialize() w.r.t. INDIRECTs. (nielsdos)
diff --git a/ext/phar/zip.c b/ext/phar/zip.c
index dff170dc29b..78725949d2f 100644
--- a/ext/phar/zip.c
+++ b/ext/phar/zip.c
@@ -641,7 +641,8 @@ foundit:
 					}
 				}
 
-				if (!entry.uncompressed_filesize || !actual_alias) {
+				if (!entry.uncompressed_filesize) {
+					efree(actual_alias);
 					php_stream_filter_remove(filter, 1);
 					pefree(entry.filename, entry.is_persistent);
 					PHAR_ZIP_FAIL("unable to read in alias, truncated");
@@ -674,7 +675,8 @@ foundit:
 					}
 				}
 
-				if (!entry.uncompressed_filesize || !actual_alias) {
+				if (!entry.uncompressed_filesize) {
+					efree(actual_alias);
 					php_stream_filter_remove(filter, 1);
 					pefree(entry.filename, entry.is_persistent);
 					PHAR_ZIP_FAIL("unable to read in alias, truncated");
@@ -697,7 +699,8 @@ foundit:
 					}
 				}
 
-				if (!entry.uncompressed_filesize || !actual_alias) {
+				if (!entry.uncompressed_filesize) {
+					efree(actual_alias);
 					pefree(entry.filename, entry.is_persistent);
 					PHAR_ZIP_FAIL("unable to read in alias, truncated");
 				}