Fixed bug #76829 Incorrect validation of domain on idn_to_utf8() function

As stated by RFC 5890, U-Labels might be up to 252 Unicode code points
long. This can be fixed in 7.1+ as well, but there might potentially be
issues in some existing apps expecting the output to be max 255 octets
long. Thus it seems to be safer to not to touch stable branches.

Author: weltling

ext/intl/idn/idn.c

@@ -138,7 +138,7 @@ static void php_intl_idn_to_46(INTERNAL_FUNCTION_PARAMETERS,
 	UErrorCode	  status = U_ZERO_ERROR;
 	UIDNA		  *uts46;
 	int32_t		  len;
-	int32_t		  buffer_capac = 255; /* no domain name may exceed this */
+	int32_t		  buffer_capac = 252*4; /* no domain name may exceed this */
 	zend_string	  *buffer = zend_string_alloc(buffer_capac, 0);
 	UIDNAInfo	  info = UIDNA_INFO_INITIALIZER;
 	int			  buffer_used = 0;
@@ -156,7 +156,7 @@ static void php_intl_idn_to_46(INTERNAL_FUNCTION_PARAMETERS,
 		len = uidna_nameToUnicodeUTF8(uts46, ZSTR_VAL(domain), ZSTR_LEN(domain),
 				ZSTR_VAL(buffer), buffer_capac, &info, &status);
 	}
-	if (len >= 255 || php_intl_idn_check_status(status, "failed to convert name") == FAILURE) {
+	if (len >= 252*4 || php_intl_idn_check_status(status, "failed to convert name") == FAILURE) {
 		uidna_close(uts46);
 		zend_string_efree(buffer);
 		RETURN_FALSE;

ext/intl/tests/idn_bug76829.phpt

@@ -0,0 +1,16 @@
+--TEST--
+Bug #76829 Incorrect validation of domain on idn_to_utf8() function
+--SKIPIF--
+<?php if( !extension_loaded( 'intl' ) ) print 'skip'; ?>
+--FILE--
+<?php
+
+$punycode = idn_to_ascii('абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаеж.рф', IDNA_DEFAULT, INTL_IDNA_VARIANT_UTS46);
+
+$unicode = idn_to_utf8($punycode, IDNA_DEFAULT, INTL_IDNA_VARIANT_UTS46);
+
+var_dump($unicode);
+
+?>
+--EXPECT--
+string(294) "абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаеж.рф"