Merge branch 'PHP-8.3' into PHP-8.4

NEWS

@@ -48,6 +48,8 @@ PHP                                                                        NEWS
 
 - Zip:
   . Fixed bug GH-19688 (Remove pattern overflow in zip addGlob()). (nielsdos)
+  . Fixed bug GH-19932 (Memory leak in zip setEncryptionName()/setEncryptionIndex()).
+    (David Carlier)
 
 25 Sep 2025, PHP 8.4.13
 

ext/zip/php_zip.c

@@ -2386,6 +2386,11 @@ PHP_METHOD(ZipArchive, setEncryptionName)
 		RETURN_FALSE;
 	}
 
+	if (UNEXPECTED(zip_file_set_encryption(intern, idx, ZIP_EM_NONE, NULL) < 0)) {
+		php_error_docref(NULL, E_WARNING, "password reset failed");
+		RETURN_FALSE;
+	}
+
 	if (zip_file_set_encryption(intern, idx, (zip_uint16_t)method, password)) {
 		RETURN_FALSE;
 	}
@@ -2409,6 +2414,11 @@ PHP_METHOD(ZipArchive, setEncryptionIndex)
 
 	ZIP_FROM_OBJECT(intern, self);
 
+	if (UNEXPECTED(zip_file_set_encryption(intern, index, ZIP_EM_NONE, NULL) < 0)) {
+		php_error_docref(NULL, E_WARNING, "password reset failed");
+		RETURN_FALSE;
+	}
+
 	if (zip_file_set_encryption(intern, index, (zip_uint16_t)method, password)) {
 		RETURN_FALSE;
 	}

ext/zip/tests/gh19932.phpt

@@ -0,0 +1,25 @@
+--TEST--
+GH-19932 (ZipArchive::setEncryptionName()/setEncryptionIndex() memory leak)
+--EXTENSIONS--
+zip
+--SKIPIF--
+<?php if (!method_exists('ZipArchive', 'setEncryptionName')) die('skip encryption not supported'); ?>
+--FILE--
+<?php
+$zip = new ZipArchive();
+$zip->open(__DIR__ . "/gh19932.zip", ZipArchive::CREATE);
+$zip->addFromString("test.txt", "test");
+$zip->setEncryptionName("test.txt", ZipArchive::EM_AES_256, "password");
+$zip->setEncryptionName("test.txt", ZipArchive::EM_AES_256, "password");
+$zip->setEncryptionIndex("0", ZipArchive::EM_AES_256, "password");
+$zip->setEncryptionIndex("0", ZipArchive::EM_AES_256, "password");
+$zip->close();
+echo "OK";
+?>
+--CLEAN--
+<?php
+@unlink(__DIR__ . "/gh19932.zip");
+?>
+--EXPECT--
+OK
+