From a1742113efdc92032e3d02af9d99b779cfd358fe Mon Sep 17 00:00:00 2001 From: Ilija Tovilo Date: Thu, 21 Aug 2025 17:22:52 +0200 Subject: [PATCH] Fix signed int overflow in scanner This will break scanning of string literals >=2GB. yyleng is still limited to unsigned int, i.e. 4GB, but we can't fix this without breaking the ABI. Partially addresses GH-19542 --- Zend/zend_language_scanner.l | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Zend/zend_language_scanner.l b/Zend/zend_language_scanner.l index 3ea51fe7c9d02..6276bd785b2e9 100644 --- a/Zend/zend_language_scanner.l +++ b/Zend/zend_language_scanner.l @@ -911,7 +911,7 @@ ZEND_API void zend_multibyte_yyinput_again(zend_encoding_filter old_input_filter ZVAL_STRINGL(zendlval, yytext, yyleng); \ } -static zend_result zend_scan_escape_string(zval *zendlval, char *str, int len, char quote_type) +static zend_result zend_scan_escape_string(zval *zendlval, char *str, size_t len, char quote_type) { char *s, *t; char *end;