Merge branch 'PHP-7.4'

* PHP-7.4:
  Disable instantiation of zero size FFI\CData objects
  Fix # 79171: heap-buffer-overflow in phar_extract_file
  Fix bug #79082 - Files added to tar with Phar::buildFromIterator have all-access permissions
  Fix bug #79221 - Null Pointer Dereference in PHP Session Upload Progress

Author: dstogov

ext/ffi/ffi.c

@@ -3657,6 +3657,12 @@ ZEND_METHOD(FFI, new) /* {{{ */
 		}
 	}
 
+	if (type->size == 0) {
+		zend_throw_error(zend_ffi_exception_ce, "Cannot instantiate FFI\\CData of zero size");
+		zend_ffi_type_dtor(type_ptr);
+		return;
+	}
+
 	ptr = pemalloc(type->size, flags & ZEND_FFI_FLAG_PERSISTENT);
 	memset(ptr, 0, type->size);
 

ext/ffi/tests/023.phpt

@@ -6,13 +6,17 @@ FFI 023: GCC struct extensions
 ffi.enable=1
 --FILE--
 <?php
-    var_dump(FFI::sizeof(FFI::new("struct {}")));
+    try {
+        var_dump(FFI::sizeof(FFI::new("struct {}")));
+    } catch (Throwable $e) {
+        echo get_class($e) . ": " . $e->getMessage() . "\n";
+    }
     var_dump(FFI::sizeof(FFI::new("struct {int a}")));
     var_dump(FFI::sizeof(FFI::new("struct {int a; int b}")));
 ?>
 ok
 --EXPECT--
-int(0)
+FFI\Exception: Cannot instantiate FFI\CData of zero size
 int(4)
 int(8)
 ok

ext/ffi/tests/027.phpt

@@ -81,7 +81,7 @@ FFI\ParserException: '[*]' not allowed in other than function prototype scope at
 FFI\ParserException: '[*]' not allowed in other than function prototype scope at line 1
 FFI\ParserException: '[*]' not allowed in other than function prototype scope at line 1
 ok
-int(0)
+FFI\Exception: Cannot instantiate FFI\CData of zero size
 FFI\ParserException: '[]' not allowed at line 1
 FFI\ParserException: '[]' not allowed at line 1
 ok

ext/ffi/tests/045.phpt

@@ -24,4 +24,4 @@ try {
 bool(true)
 bool(false)
 TypeError: FFI::isNull() expects parameter 1 to be FFI\CData, null given
-FFI\Exception: FFI\Cdata is not a pointer
+FFI\Exception: Cannot instantiate FFI\CData of zero size