Merge branch 'PHP-8.3' into PHP-8.4

nielsdos · nielsdos · commit 6fda0a561783 · 2025-07-30T09:23:33.000+02:00
* PHP-8.3:
  Reset global pointers to prevent use-after-free
diff --git a/NEWS b/NEWS
@@ -33,6 +33,10 @@ PHP                                                                        NEWS
   . Fixed bug GH-19098 (libxml<2.13 segmentation fault caused by
     php_libxml_node_free). (nielsdos)
 
+- Opcache:
+  . Reset global pointers to prevent use-after-free in zend_jit_status().
+    (Florian Engelhardt)
+
 - OpenSSL:
   . Fixed bug GH-18986 (OpenSSL backend: incorrect RAND_{load,write}_file()
     return value check). (nielsdos, botovq)
diff --git a/ext/opcache/jit/zend_jit.c b/ext/opcache/jit/zend_jit.c
@@ -3717,6 +3717,14 @@ void zend_jit_shutdown(void)
 #else
 	zend_jit_trace_free_caches(&jit_globals);
 #endif
+
+	/* Reset global pointers to prevent use-after-free in `zend_jit_status()`
+	 * after gracefully restarting Apache with mod_php, see:
+	 * https://github.com/php/php-src/pull/19212 */
+	dasm_ptr = NULL;
+	dasm_buf = NULL;
+	dasm_end = NULL;
+	dasm_size = 0;
 }
 
 static void zend_jit_reset_counters(void)
