Fix GH-13984: Buffer size is now checked before memcmp (#13991)

Fixed an issue where a buffer overflow occurred when a string shorter than
`:memory:` was passed as the db name of pdo_sqlite.

fixed #13984
closes #13991

NEWS

@@ -29,6 +29,9 @@ PHP                                                                        NEWS
   . Fixed bug GH-10495 (feof on OpenSSL stream hangs indefinitely).
     (Jakub Zelenka)
 
+- PDO SQLite:
+  . Fix GH-13984 (Buffer size is now checked before memcmp). (Saki Takamachi)
+
 - Phar:
   . Fixed bug GH-13836 (Renaming a file in a Phar to an already existing
     filename causes a NULL pointer dereference). (nielsdos)

ext/pdo_sqlite/sqlite_driver.c

@@ -751,7 +751,7 @@ static char *make_filename_safe(const char *filename)
 		}
 		return estrdup(filename);
 	}
-	if (*filename && memcmp(filename, ":memory:", sizeof(":memory:"))) {
+	if (*filename && strcmp(filename, ":memory:")) {
 		char *fullpath = expand_filepath(filename, NULL);
 
 		if (!fullpath) {

ext/pdo_sqlite/tests/gh13991.phpt

@@ -0,0 +1,18 @@
+--TEST--
+Fix GH-13984: Buffer size is now checked before memcmp
+--EXTENSIONS--
+pdo_sqlite
+--SKIPIF--
+<?php if (file_exists(getcwd() . '/13991db')) die('skip File "13991db" already exists.'); ?>
+--FILE--
+<?php
+$dbfile = '13991db';
+$db = new PDO('sqlite:' . $dbfile, null, null, [PDO::ATTR_PERSISTENT => true]);
+echo 'done!';
+?>
+--CLEAN--
+<?php
+@unlink(getcwd() . '/13991db');
+?>
+--EXPECT--
+done!