From 3215e86a11580e77f53660499e9c7e403f08ea5c Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Wed, 1 May 2024 13:49:58 +0200
Subject: [PATCH] Avoid double allocation in _bc_new_num_ex

Since the two allocations are tied together anyway, we can just use a
single allocation. Moreover, this actually seemed like the intention
because the bc_struct allocation already accounted for the length and
scale.
---
 ext/bcmath/libbcmath/src/init.c | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/ext/bcmath/libbcmath/src/init.c b/ext/bcmath/libbcmath/src/init.c
index cef55324689..3c82af5821c 100644
--- a/ext/bcmath/libbcmath/src/init.c
+++ b/ext/bcmath/libbcmath/src/init.c
@@ -39,13 +39,12 @@
 bc_num _bc_new_num_ex(size_t length, size_t scale, bool persistent)
 {
 	/* PHP Change: malloc() -> pemalloc(), removed free_list code */
-	bc_num temp = (bc_num) safe_pemalloc(1, sizeof(bc_struct) + length, scale, persistent);
+	bc_num temp = safe_pemalloc(1, sizeof(bc_struct) + length, scale, persistent);
 	temp->n_sign = PLUS;
 	temp->n_len = length;
 	temp->n_scale = scale;
 	temp->n_refs = 1;
-	/* PHP Change: malloc() -> pemalloc() */
-	temp->n_ptr = (char *) safe_pemalloc(1, length, scale, persistent);
+	temp->n_ptr = (char *) temp + sizeof(bc_struct);
 	temp->n_value = temp->n_ptr;
 	memset(temp->n_ptr, 0, length + scale);
 	return temp;
@@ -61,10 +60,6 @@ void _bc_free_num_ex(bc_num *num, bool persistent)
 	}
 	(*num)->n_refs--;
 	if ((*num)->n_refs == 0) {
-		if ((*num)->n_ptr) {
-			/* PHP Change: free() -> pefree(), removed free_list code */
-			pefree((*num)->n_ptr, persistent);
-		}
 		pefree(*num, persistent);
 	}
 	*num = NULL;