Unexpected null pointer in zend_string.h

[YuanchengJiang]

Description

The following code:

<?php
$contents = <<<EOS
"cell1","cell2\\","cell3","cell4"
"\\\\\\line1
line2\\\\\\"
EOS;
$file = new SplTempFileObject;
$file->fwrite($contents);
$file->rewind();
while (($data = $file->fgetcsv(',', '"', ''))) {
    print_r($data);
}
$xconnect = $file;
$dom = new DOMDocument;
$dom->loadXML("<root><x/><x xmlns:a=\"urn:a\" xmlns:b=\"urn:b\"/><x xmlns:b=\"urn:b\" xmlns:a=\"urn:a\"/></root>");
foreach ($dom->getElementsByTagName('x') as $x1) {
    foreach ($dom->getElementsByTagName('x') as $x2) {
        echo "Comparing ", $dom->saveXML($x1), " with ", $dom->saveXML($x2), "\n";
        var_dump($x1->isEqualNode($x2));
    }
}
$xconnect = $xconnect.$dom;
eval($xconnect);
?>

See: https://3v4l.org/md1YH

Resulted in this output:

/WorkSpace/php-src/Zend/zend_string.h:200:24: runtime error: null pointer passed as argument 2, which is declared to never be null
/usr/include/string.h:44:28: note: nonnull attribute specified here
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /WorkSpace/php-src/Zend/zend_string.h:200:24 in

PHP Version

PHP 8.4.0-dev

Operating System

ubuntu 22.04

[nielsdos]

This is unrelated to DOM, it's an SPL bug caused by 6fbf81c. Fix incoming soon.