Merge branch 'PHP-7.2' into PHP-7.3

* PHP-7.2:
  Fix #79877: getimagesize function silently truncates after a null byte
  Fix #79797: Use of freed hash key in the phar_parse_zipfile function

Author: smalyshev

ext/phar/tests/bug79797.phar

@@ -0,0 +1,14 @@
+--TEST--
+Bug #79797 (Use of freed hash key in the phar_parse_zipfile function)
+--SKIPIF--
+<?php
+if (!extension_loaded('phar')) die('skip phar extension not available');
+?>
+--INI--
+phar.cache_list={PWD}/bug79797.phar
+--FILE--
+<?php
+echo "done\n";
+?>
+--EXPECT--
+done

ext/phar/tests/bug79797.phpt

@@ -705,7 +705,7 @@ int phar_parse_zipfile(php_stream *fp, char *fname, size_t fname_len, char *alia
 			efree(actual_alias);
 		}
 
-		zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), actual_alias, mydata->alias_len, mydata);
+		zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), mydata->alias, mydata->alias_len, mydata);
 	} else {
 		phar_archive_data *fd_ptr;
 

ext/phar/zip.c

@@ -1496,6 +1496,11 @@ static void php_getimagesize_from_any(INTERNAL_FUNCTION_PARAMETERS, int mode) {
 		Z_PARAM_ZVAL_DEREF(info)
 	ZEND_PARSE_PARAMETERS_END();
 
+	if (mode == FROM_PATH && CHECK_NULL_PATH(input, input_len)) {
+		php_error_docref(NULL, E_WARNING, "Invalid path");
+		return;
+	}
+
 	if (argc == 2) {
 		zval_ptr_dtor(info);
 		array_init(info);

ext/standard/image.c

@@ -0,0 +1,9 @@
+--TEST--
+Bug #79877 (getimagesize function silently truncates after a null byte)
+--FILE--
+<?php
+var_dump(getimagesize("/tmp/a.png\0xx"));
+?>
+--EXPECTF--
+Warning: getimagesize(): Invalid path in %s on line %d
+NULL