From 00a772bf9473ca3f76ba5423e4e72f87384f5e14 Mon Sep 17 00:00:00 2001
From: Eric Mann <ericmann@php.net>
Date: Tue, 25 Feb 2025 09:20:39 -0800
Subject: [PATCH 1/3] PHP-8.3 is now for PHP 8.3.19-dev

---
 NEWS               | 5 ++++-
 Zend/zend.h        | 2 +-
 configure.ac       | 2 +-
 main/php_version.h | 6 +++---
 4 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/NEWS b/NEWS
index e644f7c0358d4..86d23228c20a8 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,9 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? ????, PHP 8.3.18
+?? ??? ????, PHP 8.3.19
+
+
+27 Feb 2025, PHP 8.3.18RC1
 
 - BCMath:
   . Fixed bug GH-17398 (bcmul memory leak). (SakiTakamachi)
diff --git a/Zend/zend.h b/Zend/zend.h
index a3e833da7ef0b..e795ac967a23d 100644
--- a/Zend/zend.h
+++ b/Zend/zend.h
@@ -20,7 +20,7 @@
 #ifndef ZEND_H
 #define ZEND_H
 
-#define ZEND_VERSION "4.3.18-dev"
+#define ZEND_VERSION "4.3.19-dev"
 
 #define ZEND_ENGINE_3
 
diff --git a/configure.ac b/configure.ac
index af4a1b3fc64dd..0e98613854281 100644
--- a/configure.ac
+++ b/configure.ac
@@ -17,7 +17,7 @@ dnl Basic autoconf initialization, generation of config.nice.
 dnl ----------------------------------------------------------------------------
 
 AC_PREREQ([2.68])
-AC_INIT([PHP],[8.3.18-dev],[https://github.com/php/php-src/issues],[php],[https://www.php.net])
+AC_INIT([PHP],[8.3.19-dev],[https://github.com/php/php-src/issues],[php],[https://www.php.net])
 AC_CONFIG_SRCDIR([main/php_version.h])
 AC_CONFIG_AUX_DIR([build])
 AC_PRESERVE_HELP_ORDER
diff --git a/main/php_version.h b/main/php_version.h
index 32d4dae3d7b21..8b508aaa33585 100644
--- a/main/php_version.h
+++ b/main/php_version.h
@@ -2,7 +2,7 @@
 /* edit configure.ac to change version number */
 #define PHP_MAJOR_VERSION 8
 #define PHP_MINOR_VERSION 3
-#define PHP_RELEASE_VERSION 18
+#define PHP_RELEASE_VERSION 19
 #define PHP_EXTRA_VERSION "-dev"
-#define PHP_VERSION "8.3.18-dev"
-#define PHP_VERSION_ID 80318
+#define PHP_VERSION "8.3.19-dev"
+#define PHP_VERSION_ID 80319

From a73fe50864bfd2f5bff375e9b79818098398bd4b Mon Sep 17 00:00:00 2001
From: DanielEScherzer <daniel.e.scherzer@gmail.com>
Date: Tue, 25 Feb 2025 10:10:40 -0800
Subject: [PATCH 2/3] NEWS for 8.4.5: combine ext/GD sections [skip ci]

Closes GH-17930.
---
 NEWS | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/NEWS b/NEWS
index 23ad1ae72a8aa..0c506b6349b51 100644
--- a/NEWS
+++ b/NEWS
@@ -33,10 +33,6 @@ PHP                                                                        NEWS
   . Fixed bug GH-17847 (xinclude destroys live node). (nielsdos)
   . Fix using Dom\Node with Dom\XPath callbacks. (nielsdos)
 
-- GD:
-  . Fixed bug GH-17703 (imagescale with both width and height negative values
-    triggers only an Exception on width). (David Carlier)
-
 - FFI:
   . Fix FFI Parsing of Pointer Declaration Lists. (davnotdev)
 
@@ -45,6 +41,8 @@ PHP                                                                        NEWS
     (Jakub Zelenka)
 
 - GD:
+  . Fixed bug GH-17703 (imagescale with both width and height negative values
+    triggers only an Exception on width). (David Carlier)
   . Fixed bug GH-17772 (imagepalettetotruecolor crash with memory_limit=2M).
     (David Carlier)
 

From 8cbc0c57b7953a3b3c56d60fffdefd576186f9be Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Tue, 25 Feb 2025 05:08:12 +0000
Subject: [PATCH 3/3] Fix GH-17921 socket_read/socket_recv overflows on buffer
 size.

update the existing checks to be more straightforward instead of
counting on undefined behavior.

close GH-17923
---
 NEWS                           |  4 ++++
 ext/sockets/sockets.c          |  4 ++--
 ext/sockets/tests/gh17921.phpt | 18 ++++++++++++++++++
 3 files changed, 24 insertions(+), 2 deletions(-)
 create mode 100644 ext/sockets/tests/gh17921.phpt

diff --git a/NEWS b/NEWS
index 86d23228c20a8..0294db412d20e 100644
--- a/NEWS
+++ b/NEWS
@@ -65,6 +65,10 @@ PHP                                                                        NEWS
   . Fixed bug GH-15902 (Core dumped in ext/reflection/php_reflection.c).
     (DanielEScherzer)
 
+- Sockets:
+  . Fixed bug GH-17921 (socket_read/socket_recv overflow on buffer size).
+    (David Carlier)
+
 - Standard:
   . Fixed bug #72666 (stat cache clearing inconsistent between file:// paths
     and plain paths). (Jakub Zelenka)
diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
index e6e231e2e5e7e..c252dc6e07a41 100644
--- a/ext/sockets/sockets.c
+++ b/ext/sockets/sockets.c
@@ -884,7 +884,7 @@ PHP_FUNCTION(socket_read)
 	ENSURE_SOCKET_VALID(php_sock);
 
 	/* overflow check */
-	if ((length + 1) < 2) {
+	if (length <= 0 || length == ZEND_LONG_MAX) {
 		RETURN_FALSE;
 	}
 
@@ -1326,7 +1326,7 @@ PHP_FUNCTION(socket_recv)
 	ENSURE_SOCKET_VALID(php_sock);
 
 	/* overflow check */
-	if ((len + 1) < 2) {
+	if (len <= 0 || len == ZEND_LONG_MAX) {
 		RETURN_FALSE;
 	}
 
diff --git a/ext/sockets/tests/gh17921.phpt b/ext/sockets/tests/gh17921.phpt
new file mode 100644
index 0000000000000..d038ed04bc946
--- /dev/null
+++ b/ext/sockets/tests/gh17921.phpt
@@ -0,0 +1,18 @@
+--TEST--
+GH-16267 - overflow on socket_strerror argument
+--EXTENSIONS--
+sockets
+--FILE--
+<?php
+$s_c_l = socket_create_listen(0);
+var_dump(socket_read($s_c_l, PHP_INT_MAX));
+var_dump(socket_read($s_c_l, PHP_INT_MIN));
+$a = "";
+var_dump(socket_recv($s_c_l, $a, PHP_INT_MAX, 0));
+var_dump(socket_recv($s_c_l, $a, PHP_INT_MIN, 0));
+?>
+--EXPECT--
+bool(false)
+bool(false)
+bool(false)
+bool(false)