From 684a2ff0059561c5daa23dce11cb276b422bc20a Mon Sep 17 00:00:00 2001
From: lamentxu <1372449351@qq.com>
Date: Mon, 4 May 2026 00:43:21 +0800
Subject: [PATCH] init

---
 NEWS                                               |  2 ++
 UPGRADING                                          |  2 ++
 ext/standard/string.c                              |  2 +-
 .../tests/strings/parse_str_null_bytes.phpt        | 14 ++++++++++++++
 4 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 ext/standard/tests/strings/parse_str_null_bytes.phpt

diff --git a/NEWS b/NEWS
index 45524b382c73..11374894a3c6 100644
--- a/NEWS
+++ b/NEWS
@@ -189,6 +189,8 @@ PHP                                                                        NEWS
     (Weilin Du)
   . getenv() and putenv() now raises a ValueError when the first argument
     contains null bytes. (Weilin Du)
+  . parse_str() now raises a ValueError when the $string argument contains
+    null bytes. (Weilin Du)
   . proc_open() now raises a ValueError when the $cwd argument contains
     null bytes. (Weilin Du)
 
diff --git a/UPGRADING b/UPGRADING
index 4cbe4a981052..75615e9f5835 100644
--- a/UPGRADING
+++ b/UPGRADING
@@ -97,6 +97,8 @@ PHP 8.6 UPGRADE NOTES
     argument value is passed.
   . getenv() and putenv() now raises a ValueError when the first argument
     contains null bytes.
+  . parse_str() now raises a ValueError when the $string argument contains
+    null bytes.
   . linkinfo() now raises a ValueError when the $path argument is empty.
   . pathinfo() now raises a ValueError when an invalid $flag
     argument value is passed.
diff --git a/ext/standard/string.c b/ext/standard/string.c
index ef9e66ab53f8..89b4e51e6c2c 100644
--- a/ext/standard/string.c
+++ b/ext/standard/string.c
@@ -5012,7 +5012,7 @@ PHP_FUNCTION(parse_str)
 	size_t arglen;
 
 	ZEND_PARSE_PARAMETERS_START(2, 2)
-		Z_PARAM_STRING(arg, arglen)
+		Z_PARAM_PATH(arg, arglen)
 		Z_PARAM_ZVAL(arrayArg)
 	ZEND_PARSE_PARAMETERS_END();
 
diff --git a/ext/standard/tests/strings/parse_str_null_bytes.phpt b/ext/standard/tests/strings/parse_str_null_bytes.phpt
new file mode 100644
index 000000000000..fd0d94bb0fc8
--- /dev/null
+++ b/ext/standard/tests/strings/parse_str_null_bytes.phpt
@@ -0,0 +1,14 @@
+--TEST--
+parse_str() rejects null bytes
+--FILE--
+<?php
+
+try {
+    parse_str("a=1\0&b=2", $result);
+} catch (ValueError $e) {
+    echo $e->getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+parse_str(): Argument #1 ($string) must not contain any null bytes