From e975c27e12ef11a625bc7015ddd1de87b3c5cd18 Mon Sep 17 00:00:00 2001
From: David Carlier
Date: Wed, 8 Jan 2025 04:00:14 +0000
Subject: [PATCH] Fix GH-17400: bindtextdomain segfault with UTF-16 domain value.
The provided domain could be a non ascii value even if not supposed to, in the error reported case was of 4 code points long but domain is "empty" leading to a NULL return. It worked up to 8.3 "by accident" before the zend_string conversion and check prior for emptiness.
close GH-17402
---
 NEWS | 4 ++++
 ext/gettext/gettext.c | 4 ++--
 ext/gettext/tests/gh17400.phpt | 19 +++++++++++++++++++
 3 files changed, 25 insertions(+), 2 deletions(-)
 create mode 100644 ext/gettext/tests/gh17400.phpt
diff --git a/NEWS b/NEWS
index 816055b9818..7b75a9efc4d 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,10 @@ PHP NEWS
 . Added support for reading GIFs without colormap to bundled libgd.
 (Andrew Burley, cmb)
+- Gettext:
+ . Fixed bug GH-17400 (bindtextdomain SEGV on invalid domain).
+ (David Carlier)
+
 - Intl:
 . Fixed bug GH-11874 (intl causing segfault in docker images).
 (nielsdos)
diff --git a/ext/gettext/gettext.c b/ext/gettext/gettext.c
index 53eaf797545..27f0dfa26da 100644
--- a/ext/gettext/gettext.c
+++ b/ext/gettext/gettext.c
@@ -183,9 +183,9 @@ PHP_FUNCTION(bindtextdomain)
 char *retval, dir_name[MAXPATHLEN], *btd_result;
 ZEND_PARSE_PARAMETERS_START(1, 2)
- Z_PARAM_STR(domain)
+ Z_PARAM_PATH_STR(domain)
 Z_PARAM_OPTIONAL
- Z_PARAM_STR_OR_NULL(dir)
+ Z_PARAM_PATH_STR_OR_NULL(dir)
 ZEND_PARSE_PARAMETERS_END();
 PHP_GETTEXT_DOMAIN_LENGTH_CHECK(1, ZSTR_LEN(domain))
diff --git a/ext/gettext/tests/gh17400.phpt b/ext/gettext/tests/gh17400.phpt
new file mode 100644
index 00000000000..836b792bf0d
--- /dev/null
+++ b/ext/gettext/tests/gh17400.phpt
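Review bot: The NULL return from `bindtextdomain()` that the description names as the crash cause is not guarded anywhere in the `ext/gettext/gettext.c` hunk of `PHP_FUNCTION(bindtextdomain)`. The call and the use of `btd_result` sit outside the hunk, so it is worth confirming that the result is checked (e.g. `if (!btd_result) { ... }`) before it is read, rather than relying on input filtering alone. What the parameter change closes is the mismatch between `PHP_GETTEXT_DOMAIN_LENGTH_CHECK(1, ZSTR_LEN(domain))`, which validates the binary-safe length, and the NUL-terminated string the C library sees. Any other function in this file that still parses a domain with `Z_PARAM_STR` would presumably have the same gap. Because a text domain is not a path, the macro choice deserves a comment above the parameter block, such as `/* PATH_STR variants: reject embedded NUL bytes so ZSTR_LEN() matches the C string passed to libintl */`.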
@@ -0,0 +1,19 @@
+--TEST--
+GH-17400 bindtextdomain segfaults with invalid domain/domain with null bytes.
+--EXTENSIONS--
+gettext
+--CREDITS--
+YuanchengJiang
+--FILE--
+getMessage();
+}
+?>
+--EXPECT--
+bindtextdomain(): Argument #1 ($domain) must not contain any null bytes