From 6cf8825e23ae13a566a8f2e7858f8887581243d2 Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Sun, 6 Oct 2024 16:09:47 +0100
Subject: [PATCH 1/2] Fix GH-16267 socket_strerror overflow on argument value.

only socket_strerror provides user-supplied value to sockets_strerror
handler.
---
 ext/sockets/sockets.c          |  5 +++++
 ext/sockets/tests/gh16267.phpt | 22 ++++++++++++++++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 ext/sockets/tests/gh16267.phpt

diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
index 8183398a8d32..bde32daae22f 100644
--- a/ext/sockets/sockets.c
+++ b/ext/sockets/sockets.c
@@ -1211,6 +1211,11 @@ PHP_FUNCTION(socket_strerror)
 		RETURN_THROWS();
 	}
 
+	if (arg1 < INT_MIN || arg1 > INT_MAX) {
+		zend_argument_value_error(1, "must be between %d and %d", INT_MIN, INT_MAX);
+		RETURN_THROWS();
+	}
+
 	RETURN_STRING(sockets_strerror(arg1));
 }
 /* }}} */
diff --git a/ext/sockets/tests/gh16267.phpt b/ext/sockets/tests/gh16267.phpt
new file mode 100644
index 000000000000..d2462b316453
--- /dev/null
+++ b/ext/sockets/tests/gh16267.phpt
@@ -0,0 +1,22 @@
+--TEST--
+GH-16267 - overflow on socket_strerror argument
+--EXTENSIONS--
+sockets
+--SKIPIF--
+<?php if (PHP_INT_SIZE != 8) die('skip 64-bit only'); ?>
+--FILE--
+<?php
+try {
+	socket_strerror(PHP_INT_MIN);
+} catch (\ValueError $e) {
+	echo $e->getMessage() . PHP_EOL;
+}
+try {
+	socket_strerror(PHP_INT_MAX);
+} catch (\ValueError $e) {
+	echo $e->getMessage() . PHP_EOL;
+}
+?>
+--EXPECTF--
+socket_strerror(): Argument #1 ($error_code) must be between %s and %s
+socket_strerror(): Argument #1 ($error_code) must be between %s and %s

From 45c6783f09d2126a913d3530408ed15cb79097db Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Sun, 6 Oct 2024 17:27:37 +0100
Subject: [PATCH 2/2] using macro instead

---
 ext/sockets/sockets.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
index bde32daae22f..f1a62c719291 100644
--- a/ext/sockets/sockets.c
+++ b/ext/sockets/sockets.c
@@ -1211,7 +1211,7 @@ PHP_FUNCTION(socket_strerror)
 		RETURN_THROWS();
 	}
 
-	if (arg1 < INT_MIN || arg1 > INT_MAX) {
+	if (ZEND_LONG_EXCEEDS_INT(arg1)) {
 		zend_argument_value_error(1, "must be between %d and %d", INT_MIN, INT_MAX);
 		RETURN_THROWS();
 	}