From 46213f879a15a8fb1ab3979043b1110cbeb8eb25 Mon Sep 17 00:00:00 2001
From: David CARLIER <devnexen@gmail.com>
Date: Sat, 12 Jul 2025 15:48:25 +0100
Subject: [PATCH 1/3] ext/sockets: socket_addrinfo_lookup narrowing down socket
 family check to AF_INET/AF_INET6 only. (#19040)

---
 ext/sockets/sockets.c                         | 70 +++++--------------
 .../tests/socket_getaddrinfo_error.phpt       |  2 +-
 2 files changed, 17 insertions(+), 55 deletions(-)

diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
index 82634cc8f3e54..2f2eb3465fdeb 100644
--- a/ext/sockets/sockets.c
+++ b/ext/sockets/sockets.c
@@ -2774,8 +2774,16 @@ PHP_FUNCTION(socket_addrinfo_lookup)
 						zend_argument_type_error(3, "\"ai_family\" key must be of type int, %s given", zend_zval_type_name(hint));
 						RETURN_THROWS();
 					}
-					if (val < 0 || val >= AF_MAX) {
-						zend_argument_value_error(3, "\"ai_family\" key must be between 0 and %d", AF_MAX - 1);
+					// Some platforms support also PF_LOCAL/AF_UNIX (e.g. FreeBSD) but the security concerns implied
+					// make it not worth handling it (e.g. unwarranted write permissions on the socket).
+					// Note existing socket_addrinfo* api already forbid such case.
+#ifdef HAVE_IPV6
+					if (val != AF_INET && val != AF_INET6) {
+						zend_argument_value_error(3, "\"ai_family\" key must be AF_INET or AF_INET6");
+#else
+					if (val != AF_INET) {
+						zend_argument_value_error(3, "\"ai_family\" key must be AF_INET");
+#endif
 						RETURN_THROWS();
 					}
 					hints.ai_family = (int)val;
@@ -2827,7 +2835,6 @@ PHP_FUNCTION(socket_addrinfo_lookup)
 PHP_FUNCTION(socket_addrinfo_bind)
 {
 	zval			*arg1;
-	int				retval;
 	php_addrinfo	*ai;
 	php_socket		*php_sock;
 
@@ -2837,6 +2844,8 @@ PHP_FUNCTION(socket_addrinfo_bind)
 
 	ai = Z_ADDRESS_INFO_P(arg1);
 
+	ZEND_ASSERT(ai->addrinfo.ai_family == AF_INET || ai->addrinfo.ai_family == AF_INET6);
+
 	PHP_ETH_PROTO_CHECK(ai->addrinfo.ai_protocol, ai->addrinfo.ai_family);
 
 	object_init_ex(return_value, socket_ce);
@@ -2855,31 +2864,7 @@ PHP_FUNCTION(socket_addrinfo_bind)
 	php_sock->error = 0;
 	php_sock->blocking = 1;
 
-	switch(php_sock->type) {
-		case AF_UNIX:
-			{
-				// AF_UNIX sockets via getaddrino are not implemented due to security problems
-				close(php_sock->bsd_socket);
-				zval_ptr_dtor(return_value);
-				RETURN_FALSE;
-			}
-
-		case AF_INET:
-#ifdef HAVE_IPV6
-		case AF_INET6:
-#endif
-			{
-				retval = bind(php_sock->bsd_socket, ai->addrinfo.ai_addr, ai->addrinfo.ai_addrlen);
-				break;
-			}
-		default:
-			close(php_sock->bsd_socket);
-			zval_ptr_dtor(return_value);
-			zend_argument_value_error(1, "must be one of AF_UNIX, AF_INET, or AF_INET6");
-			RETURN_THROWS();
-	}
-
-	if (retval != 0) {
+	if (bind(php_sock->bsd_socket, ai->addrinfo.ai_addr, ai->addrinfo.ai_addrlen) != 0) {
 		PHP_SOCKET_ERROR(php_sock, "Unable to bind address", errno);
 		close(php_sock->bsd_socket);
 		zval_ptr_dtor(return_value);
@@ -2892,7 +2877,6 @@ PHP_FUNCTION(socket_addrinfo_bind)
 PHP_FUNCTION(socket_addrinfo_connect)
 {
 	zval			*arg1;
-	int				retval;
 	php_addrinfo	*ai;
 	php_socket		*php_sock;
 
@@ -2902,6 +2886,8 @@ PHP_FUNCTION(socket_addrinfo_connect)
 
 	ai = Z_ADDRESS_INFO_P(arg1);
 
+	ZEND_ASSERT(ai->addrinfo.ai_family == AF_INET || ai->addrinfo.ai_family == AF_INET6);
+
 	PHP_ETH_PROTO_CHECK(ai->addrinfo.ai_protocol, ai->addrinfo.ai_family);
 
 	object_init_ex(return_value, socket_ce);
@@ -2920,31 +2906,7 @@ PHP_FUNCTION(socket_addrinfo_connect)
 	php_sock->error = 0;
 	php_sock->blocking = 1;
 
-	switch(php_sock->type) {
-		case AF_UNIX:
-			{
-				// AF_UNIX sockets via getaddrino are not implemented due to security problems
-				close(php_sock->bsd_socket);
-				zval_ptr_dtor(return_value);
-				RETURN_FALSE;
-			}
-
-		case AF_INET:
-#ifdef HAVE_IPV6
-		case AF_INET6:
-#endif
-			{
-				retval = connect(php_sock->bsd_socket, ai->addrinfo.ai_addr, ai->addrinfo.ai_addrlen);
-				break;
-			}
-		default:
-			zend_argument_value_error(1, "socket type must be one of AF_UNIX, AF_INET, or AF_INET6");
-			close(php_sock->bsd_socket);
-			zval_ptr_dtor(return_value);
-			RETURN_THROWS();
-	}
-
-	if (retval != 0) {
+	if (connect(php_sock->bsd_socket, ai->addrinfo.ai_addr, ai->addrinfo.ai_addrlen) != 0) {
 		PHP_SOCKET_ERROR(php_sock, "Unable to connect address", errno);
 		close(php_sock->bsd_socket);
 		zval_ptr_dtor(return_value);
diff --git a/ext/sockets/tests/socket_getaddrinfo_error.phpt b/ext/sockets/tests/socket_getaddrinfo_error.phpt
index c3488b540c69b..a2455821e70e2 100644
--- a/ext/sockets/tests/socket_getaddrinfo_error.phpt
+++ b/ext/sockets/tests/socket_getaddrinfo_error.phpt
@@ -110,7 +110,7 @@ socket_addrinfo_lookup(): Argument #3 ($hints) "ai_family" key must be of type i
 socket_addrinfo_lookup(): Argument #3 ($hints) "ai_socktype" key must be of type int, stdClass given
 socket_addrinfo_lookup(): Argument #3 ($hints) "ai_flags" key must be of type int, stdClass given
 socket_addrinfo_lookup(): Argument #3 ($hints) "ai_protocol" key must be of type int, stdClass given
-socket_addrinfo_lookup(): Argument #3 ($hints) "ai_family" key must be between 0 and %d
+socket_addrinfo_lookup(): Argument #3 ($hints) "ai_family" key must be AF_INET%A
 socket_addrinfo_lookup(): Argument #3 ($hints) "ai_socktype" key must be between 0 and %d
 socket_addrinfo_lookup(): Argument #3 ($hints) "ai_flags" key must be between 0 and %d
 socket_addrinfo_lookup(): Argument #3 ($hints) "ai_protocol" key must be between 0 and %d

From 9460dbe9062cadd44ed968e4c66c2a04cc38ea26 Mon Sep 17 00:00:00 2001
From: Ilija Tovilo <ilija.tovilo@me.com>
Date: Fri, 11 Jul 2025 21:32:40 +0200
Subject: [PATCH 2/3] Fix lineno for constructor property promotion errors

Fixes GH-19081
Closes GH-19100
---
 NEWS                                                        | 2 ++
 Zend/tests/ctor_promotion/ctor_promotion_callable_type.phpt | 6 ++++--
 Zend/zend_compile.c                                         | 2 ++
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index b12686c5d3cef..4bd0f98d345a1 100644
--- a/NEWS
+++ b/NEWS
@@ -83,6 +83,8 @@ PHP                                                                        NEWS
     (DanielEScherzer)
   . Do not use RTLD_DEEPBIND if dlmopen is available. (Daniil Gentili)
   . Make `clone()` a function. (timwolla, edorian)
+  . Fixed bug GH-19081 (Wrong lineno in property error with constructor property
+    promotion). (ilutov)
 
 - Curl:
   . Added curl_multi_get_handles(). (timwolla)
diff --git a/Zend/tests/ctor_promotion/ctor_promotion_callable_type.phpt b/Zend/tests/ctor_promotion/ctor_promotion_callable_type.phpt
index ae10512ad54a3..85f36bc727bf5 100644
--- a/Zend/tests/ctor_promotion/ctor_promotion_callable_type.phpt
+++ b/Zend/tests/ctor_promotion/ctor_promotion_callable_type.phpt
@@ -4,9 +4,11 @@ Type of promoted property may not be callable
 <?php
 
 class Test {
-    public function __construct(public callable $callable) {}
+    public function __construct(
+        public callable $callable
+    ) {}
 }
 
 ?>
 --EXPECTF--
-Fatal error: Property Test::$callable cannot have type callable in %s on line %d
+Fatal error: Property Test::$callable cannot have type callable in %s on line 5
diff --git a/Zend/zend_compile.c b/Zend/zend_compile.c
index ef167efc697e5..8e03773246bd1 100644
--- a/Zend/zend_compile.c
+++ b/Zend/zend_compile.c
@@ -7698,6 +7698,8 @@ static void zend_compile_params(zend_ast *ast, zend_ast *return_type_ast, uint32
 		uint32_t property_flags = param_ast->attr & (ZEND_ACC_PPP_MASK | ZEND_ACC_PPP_SET_MASK | ZEND_ACC_READONLY | ZEND_ACC_FINAL);
 		bool is_promoted = property_flags || hooks_ast;
 
+		CG(zend_lineno) = param_ast->lineno;
+
 		znode var_node, default_node;
 		uint8_t opcode;
 		zend_op *opline;

From a402edac1a37ee3013050d72d8a3278b179d7eaa Mon Sep 17 00:00:00 2001
From: Ilija Tovilo <ilija.tovilo@me.com>
Date: Sat, 12 Jul 2025 19:28:48 +0200
Subject: [PATCH 3/3] [skip ci] Add fatal_error_backtraces to php.ini templates
 (GH-19099)

---
 php.ini-development | 6 ++++++
 php.ini-production  | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/php.ini-development b/php.ini-development
index 162fb3f25c19c..21817b14aee29 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -620,6 +620,12 @@ report_memleaks = On
 ; Development value: 0
 ; Production value: 0
 
+; This directive controls whether PHP will output the backtrace of fatal errors.
+; Default Value: On
+; Development Value: On
+; Production Value: On
+;fatal_error_backtraces = On
+
 ;;;;;;;;;;;;;;;;;
 ; Data Handling ;
 ;;;;;;;;;;;;;;;;;
diff --git a/php.ini-production b/php.ini-production
index 042d246943d81..93d839ababfa5 100644
--- a/php.ini-production
+++ b/php.ini-production
@@ -622,6 +622,12 @@ report_memleaks = On
 ; Development value: 0
 ; Production value: 0
 
+; This directive controls whether PHP will output the backtrace of fatal errors.
+; Default Value: On
+; Development Value: On
+; Production Value: On
+;fatal_error_backtraces = On
+
 ;;;;;;;;;;;;;;;;;
 ; Data Handling ;
 ;;;;;;;;;;;;;;;;;