Merge branch 'PHP-8.2' into PHP-8.3

* PHP-8.2:
  [ci skip] NEWS
  Fix GH-13891: memleak and segfault when using ini_set with session.trans_sid_hosts (#13892)

Author: nielsdos

NEWS

@@ -34,6 +34,8 @@ PHP                                                                        NEWS
 - Session:
   . Fixed bug GH-13856 (Member access within null pointer of type 'ps_files' in
     ext/session/mod_files.c). (nielsdos)
+  . Fixed bug GH-13891 (memleak and segfault when using ini_set with
+    session.trans_sid_hosts). (nielsdos, kamil-tekiela).
 
 - Streams:
   . Fixed bug GH-13264 (Part 1 - Memory leak on stream filter failure).

ext/session/tests/gh13891.phpt

@@ -0,0 +1,17 @@
+--TEST--
+GH-13891 (memleak and segfault when using ini_set with session.trans_sid_hosts)
+--INI--
+session.use_cookies=0
+session.use_only_cookies=0
+session.use_trans_sid=1
+session.trans_sid_hosts=php.net
+--EXTENSIONS--
+session
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--FILE--
+<?php
+// We *must* set it here because the bug only triggers on a runtime edit
+ini_set('session.trans_sid_hosts','php.net');
+?>
+--EXPECT--

ext/standard/url_scanner_ex.re

@@ -138,9 +138,10 @@ static int php_ini_on_update_hosts(zend_ini_entry *entry, zend_string *new_value
 		}
 		keylen = q - key;
 		if (keylen > 0) {
-			tmp_key = zend_string_init(key, keylen, 0);
+			/* Note: the hash table is persistently allocated, so the strings must be too! */
+			tmp_key = zend_string_init(key, keylen, true);
 			zend_hash_add_empty_element(hosts, tmp_key);
-			zend_string_release_ex(tmp_key, 0);
+			zend_string_release_ex(tmp_key, true);
 		}
 	}
 	efree(tmp);