[pull] master from php:master

ext/exif/exif.c

@@ -4421,7 +4421,7 @@ static bool exif_scan_HEIF_header(image_info_type *ImageInfo, unsigned char *buf
 			if (exif_read_from_stream_file_looped(ImageInfo->infile, (char*)(data + remain), limit - remain) == limit - remain) {
 				exif_isobmff_parse_meta(data, data + limit, &pos);
 			}
-			if ((pos.size) &&
+			if ((pos.size >= 2) &&
 				(pos.size < ImageInfo->FileSize) &&
 				(ImageInfo->FileSize - pos.size >= pos.offset) &&
 				(php_stream_seek(ImageInfo->infile, pos.offset + 2, SEEK_SET) >= 0)) {

ext/exif/tests/heic_iloc_underflow.phpt

@@ -0,0 +1,19 @@
+--TEST--
+HEIC iloc extent_length underflow
+--EXTENSIONS--
+exif
+--FILE--
+<?php
+// Read valid HEIC file and patch iloc extent_length to 1
+$data = file_get_contents(__DIR__."/image029.heic");
+$data = substr_replace($data, "\x00\x00\x00\x01", 0x4f8, 4);
+file_put_contents(__DIR__."/heic_iloc_underflow.heic", $data);
+var_dump(exif_read_data(__DIR__."/heic_iloc_underflow.heic"));
+?>
+--CLEAN--
+<?php
+@unlink(__DIR__."/heic_iloc_underflow.heic");
+?>
+--EXPECTF--
+Warning: exif_read_data(heic_iloc_underflow.heic): Invalid HEIF file in %s on line %d
+bool(false)

ext/ftp/php_ftp.c

@@ -147,15 +147,15 @@ PHP_FUNCTION(ftp_connect)
 		RETURN_THROWS();
 	}
 
-	const zend_long timeoutmax = (zend_long)((double) PHP_TIMEOUT_ULL_MAX / 1000000.0);
+	const uint64_t timeoutmax = (uint64_t)((double) PHP_TIMEOUT_ULL_MAX / 1000000.0);
 
 	if (timeout_sec <= 0) {
 		zend_argument_value_error(3, "must be greater than 0");
 		RETURN_THROWS();
 	}
 
 	if (timeout_sec >= timeoutmax) {
-		zend_argument_value_error(3, "must be less than " ZEND_LONG_FMT, timeoutmax);
+		zend_argument_value_error(3, "must be less than " ZEND_ULONG_FMT, timeoutmax);
 		RETURN_THROWS();
 	}