From 79b86698b9d15b4173c262aeffcd197f377bc392 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov
Date: Tue, 11 Oct 2022 10:08:09 +0300
Subject: [PATCH 1/2] Avoid crash for reset/end/next/prev() on ffi classes

Closes GH-9697
---
 ext/ffi/ffi.c | 10 +++++++++-
 ext/ffi/tests/gh9697-2.phpt | 20 ++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 ext/ffi/tests/gh9697-2.phpt

diff --git a/ext/ffi/ffi.c b/ext/ffi/ffi.c
index fc8bb9a1b09f..4c7cb0f788f3 100644
--- a/ext/ffi/ffi.c
+++ b/ext/ffi/ffi.c
@@ -188,6 +188,10 @@ typedef struct _zend_ffi_ctype {
 zend_ffi_type *type;
 } zend_ffi_ctype;
 
+/* This is a "mutable" copy of zend_empty_array that prevents asseerts in attempts of iteraton
+ * (see https://github.com/php/php-src/issues/9697) */
+static HashTable _empty_array;
+
 static zend_class_entry *zend_ffi_exception_ce;
 static zend_class_entry *zend_ffi_parser_exception_ce;
 static zend_class_entry *zend_ffi_ce;
@@ -4699,7 +4703,7 @@ static ZEND_COLD zend_function *zend_fake_get_method(zend_object **obj_ptr, zend
 
 static HashTable *zend_fake_get_properties(zend_object *obj) /* {{{ */
 {
- return (HashTable*)&zend_empty_array;
+ return &_empty_array;
 }
 /* }}} */
 
@@ -4935,6 +4939,10 @@ ZEND_MINIT_FUNCTION(ffi)
 
 REGISTER_INI_ENTRIES();
 
+ memcpy(&_empty_array, &zend_empty_array, sizeof(HashTable));
+ GC_SET_REFCOUNT(&_empty_array, 1);
+ GC_TYPE_INFO(&_empty_array) = GC_ARRAY;
+
 FFI_G(is_cli) = strcmp(sapi_module.name, "cli") == 0;
 
 INIT_NS_CLASS_ENTRY(ce, "FFI", "Exception", NULL);
diff --git a/ext/ffi/tests/gh9697-2.phpt b/ext/ffi/tests/gh9697-2.phpt
new file mode 100644
index 000000000000..94745d6c7ec3
--- /dev/null
+++ b/ext/ffi/tests/gh9697-2.phpt
@@ -0,0 +1,20 @@
+--TEST--
+FFI: Test deprecated use of array helper functions on FFI classes doesn't crash
+--SKIPIF--
+
+--INI--
+ffi.enable=1
+--FILE--
+
+--EXPECTF--
+bool(false)
+bool(false)
+bool(false)
+bool(false)

From 25b42daed60fd19ab73168777988d728580b5b36 Mon Sep 17 00:00:00 2001
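Review bot: `_empty_array` is declared at file scope with a leading underscore, a spelling C reserves for the implementation at file scope; a name in the file's own style, e.g. `static HashTable zend_ffi_empty_array;`, avoids that and says which extension owns the table. The comment above the declaration explains why the copy exists but not its contract: it is one table handed out by zend_fake_get_properties to every caller, it is expected to stay empty, and it is only valid after MINIT has filled it in. I would add a sentence such as `/* Shared by all fake FFI objects; must never gain elements. */`.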
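Review bot: zend_fake_get_properties now hands every caller a pointer to the same writable table, where it used to return the immutable zend_empty_array. Any path that inserts into a get_properties result would leave entries visible to all other FFI objects and to later requests in the same process; whether the other fake handlers rule that out is not visible in this hunk. A debug check before the return, `ZEND_ASSERT(zend_hash_num_elements(&_empty_array) == 0);`, would surface such a write close to where it happens.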
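Review bot: The copy made in MINIT is a single process-wide table, and `GC_TYPE_INFO(&_empty_array) = GC_ARRAY;` drops the immutable flag, so from here on the engine refcounts and writes to static storage. In a ZTS build those refcount and internal-pointer updates would come from several threads without synchronisation, and an unbalanced release that brings the count to zero would try to destroy a table that was never heap-allocated; neither can be confirmed from the hunk, so this is a question for the author rather than a finding. Keeping the table in the per-thread module globals reached through FFI_G would sidestep the sharing. Separately, `memcpy(&_empty_array, &zend_empty_array, sizeof(_empty_array));` ties the size to the destination object instead of the type name. The body of ZEND_MINIT_FUNCTION(ffi) starts and ends outside the hunk.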
From: Dmitry Stogov
Date: Tue, 11 Oct 2022 14:36:42 +0300
Subject: [PATCH 2/2] Update ext/ffi/ffi.c

Co-authored-by: Christoph M. Becker
---
 ext/ffi/ffi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/ffi/ffi.c b/ext/ffi/ffi.c
index 4c7cb0f788f3..0f5e97cba57f 100644
--- a/ext/ffi/ffi.c
+++ b/ext/ffi/ffi.c
@@ -188,7 +188,7 @@ typedef struct _zend_ffi_ctype {
 zend_ffi_type *type;
 } zend_ffi_ctype;
 
-/* This is a "mutable" copy of zend_empty_array that prevents asseerts in attempts of iteraton
+/* This is a "mutable" copy of zend_empty_array that prevents asserts in attempts of iteration
 * (see https://github.com/php/php-src/issues/9697) */
 static HashTable _empty_array;
 