Fix #81070: Validate new memory limit for integer underflow

When the memory limit is reduced using an `ini_set("memory_limit", ..)`
below the currently allocated memory, the out-of-memory check overflowed.
Instead of implementing additional checks during allocation,
`zend_set_memory_limit` now validates the new memory limit. When below
the current memory usage the ini_set call will return a warning.

Author: pvandommelen

Zend/tests/bug81070.phpt

@@ -0,0 +1,9 @@
+--TEST--
+Bug #81070	Setting memory limit to below current usage
+--FILE--
+<?php
+$a = str_repeat("0", 5 * 1024 * 1024);
+ini_set("memory_limit", "3M");
+?>
+--EXPECTF--
+Warning: Failed to set memory limit to 3145728 bytes (Current memory usage is %d bytes) in %s on line %d

Zend/zend_alloc.c

@@ -2660,6 +2660,9 @@ ZEND_API char* ZEND_FASTCALL zend_strndup(const char *s, size_t length)
 ZEND_API int zend_set_memory_limit(size_t memory_limit)
 {
 #if ZEND_MM_LIMIT
+	if (UNEXPECTED(memory_limit < AG(mm_heap)->real_size)) {
+		return FAILURE;
+	}
 	AG(mm_heap)->limit = (memory_limit >= ZEND_MM_CHUNK_SIZE) ? memory_limit : ZEND_MM_CHUNK_SIZE;
 #endif
 	return SUCCESS;

main/main.c

@@ -296,12 +296,18 @@ static PHP_INI_MH(OnSetSerializePrecision)
  */
 static PHP_INI_MH(OnChangeMemoryLimit)
 {
+	size_t value;
 	if (new_value) {
-		PG(memory_limit) = zend_atol(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
+		value = zend_atol(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
 	} else {
-		PG(memory_limit) = Z_L(1)<<30;		/* effectively, no limit */
+		value = Z_L(1)<<30;		/* effectively, no limit */
 	}
-	return zend_set_memory_limit(PG(memory_limit));
+	if (zend_set_memory_limit(value) == FAILURE) {
+		zend_error(E_WARNING, "Failed to set memory limit to %zd bytes (Current memory usage is %zd bytes)", value, zend_memory_usage(true));
+		return FAILURE;
+	}
+	PG(memory_limit) = value;
+	return SUCCESS;
 }
 /* }}} */