Merge branch 'PHP-8.5'

* PHP-8.5:
  ext/zip: fix memory leak when encryption is passed as userland array option.

ext/zip/php_zip.c

@@ -1752,6 +1752,11 @@ static void php_zip_add_from_pattern(INTERNAL_FUNCTION_PARAMETERS, int type) /*
 				}
 #ifdef HAVE_ENCRYPTION
 				if (opts.enc_method >= 0) {
+					if (UNEXPECTED(zip_file_set_encryption(ze_obj->za, ze_obj->last_id, ZIP_EM_NONE, NULL) < 0)) {
+						zend_array_destroy(Z_ARR_P(return_value));
+						php_error_docref(NULL, E_WARNING, "password reset failed");
+						RETURN_FALSE;
+					}
 					if (zip_file_set_encryption(ze_obj->za, ze_obj->last_id, opts.enc_method, opts.enc_password)) {
 						zend_array_destroy(Z_ARR_P(return_value));
 						RETURN_FALSE;

ext/zip/tests/oo_addglob_leak.phpt

@@ -0,0 +1,51 @@
+--TEST--
+ZipArchive::addGlob() method leaking after several calls when encryption is set.
+--EXTENSIONS--
+zip
+--SKIPIF--
+<?php
+if (!method_exists('ZipArchive', 'setEncryptionName')) die('skip encrytion not supported');
+if(!defined("GLOB_BRACE")) die ('skip requires GLOB_BRACE');
+?>
+--FILE--
+<?php
+$dirname = __DIR__ . '/';
+include $dirname . 'utils.inc';
+
+$dirname = __DIR__ . '/__tmp_oo_addglob2/';
+$file = $dirname . 'test.zip';
+
+@mkdir($dirname);
+copy(__FILE__, $dirname . 'foo.txt');
+copy(__FILE__, $dirname . 'bar.txt');
+
+$zip = new ZipArchive();
+if (!$zip->open($file, ZipArchive::CREATE | ZipArchive::OVERWRITE)) {
+        exit('failed');
+}
+
+$options = [
+    'remove_all_path' => true,
+    'comp_method' => ZipArchive::CM_STORE,
+    'comp_flags' => 5,
+    'enc_method' => ZipArchive::EM_AES_256,
+    'enc_password' => 'secret',
+];
+var_dump($zip->addGlob($dirname . 'bar.*', GLOB_BRACE, $options));
+var_dump($zip->addGlob($dirname . 'bar.*', GLOB_BRACE, $options));
+?>
+--CLEAN--
+<?php
+$dirname = __DIR__ . '/';
+include $dirname . 'utils.inc';
+rmdir_rf(__DIR__ . '/__tmp_oo_addglob2/');
+?>
+--EXPECTF--
+array(1) {
+  [0]=>
+  string(%d) "%s"
+}
+array(1) {
+  [0]=>
+  string(%d) "%s"
+}