From 1c9bfcb6a766d4062f2dd1e594b30831d59cc36c Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Tue, 22 Oct 2019 11:33:00 +0200
Subject: [PATCH] Fix #78716: Function name mangling is wrong for some
 parameter types

We have to cater to function parameter alignment when calculating the
parameter size.
---
 NEWS                           |   4 ++++
 ext/ffi/ffi.c                  |   2 +-
 ext/ffi/tests/callconv.phpt    |  30 +++++++++++++++---------------
 ext/ffi/tests/callconv_x86.dll | Bin 8704 -> 8704 bytes
 4 files changed, 20 insertions(+), 16 deletions(-)

diff --git a/NEWS b/NEWS
index a192b92ea4..5003143e92 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,10 @@ PHP                                                                        NEWS
 - Date:
   . Fixed bug #70153 (\DateInterval incorrectly unserialized). (Maksim Iakunin)
 
+- FFI:
+  . Fixed bug #78716 (Function name mangling is wrong for some parameter 
+    types). (cmb)
+
 - FPM:
   . Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to RCE).
     (CVE-2019-11043) (Jakub Zelenka)
diff --git a/ext/ffi/ffi.c b/ext/ffi/ffi.c
index 1d6f84b6b2..1edba157a1 100644
--- a/ext/ffi/ffi.c
+++ b/ext/ffi/ffi.c
@@ -775,7 +775,7 @@ static size_t zend_ffi_arg_size(zend_ffi_type *type) /* {{{ */
 	size_t arg_size = 0;
 
 	ZEND_HASH_FOREACH_PTR(type->func.args, arg_type) {
-		arg_size += ZEND_FFI_TYPE(arg_type)->size;
+		arg_size += MAX(ZEND_FFI_TYPE(arg_type)->size, sizeof(size_t));
 	} ZEND_HASH_FOREACH_END();
 	return arg_size;
 }
diff --git a/ext/ffi/tests/callconv.phpt b/ext/ffi/tests/callconv.phpt
index aa481de224..233c73f110 100644
--- a/ext/ffi/tests/callconv.phpt
+++ b/ext/ffi/tests/callconv.phpt
@@ -9,32 +9,32 @@ if (PHP_INT_SIZE != 4) die("skip this test is for 32bit platforms only");
 --FILE--
 <?php
 $header = <<<HEADER
-void __cdecl cdecl_func(int arg1, double arg2);
-void __stdcall stdcall_func(int arg1, double arg2);
-void __fastcall fastcall_func(int arg1, double arg2);
+void __cdecl cdecl_func(int arg1, double arg2, char arg3);
+void __stdcall stdcall_func(int arg1, double arg2, char arg3);
+void __fastcall fastcall_func(int arg1, double arg2, char arg3);
 HEADER;
 $headername = __DIR__ . '/callconv.h';
 $dllname = __DIR__ . "/callconv_x86.dll";
 
 $ffi1 = FFI::cdef($header, $dllname);
-$ffi1->cdecl_func(1, 2.3);
-$ffi1->stdcall_func(4, 5.6);
-$ffi1->fastcall_func(7, 8.9);
+$ffi1->cdecl_func(1, 2.3, 'a');
+$ffi1->stdcall_func(4, 5.6, 'b');
+$ffi1->fastcall_func(7, 8.9, 'c');
 
 file_put_contents($headername, "#define FFI_LIB \"$dllname\"\n$header");
 
 $ffi2 = FFI::load($headername);
-$ffi2->cdecl_func(2, 3.4);
-$ffi2->stdcall_func(5, 6.7);
-$ffi2->fastcall_func(8, 9.1);
+$ffi2->cdecl_func(2, 3.4, 'a');
+$ffi2->stdcall_func(5, 6.7, 'b');
+$ffi2->fastcall_func(8, 9.1, 'c');
 ?>
 --EXPECT--
-cdecl: 1, 2.300000
-stdcall: 4, 5.600000
-fastcall: 7, 8.900000
-cdecl: 2, 3.400000
-stdcall: 5, 6.700000
-fastcall: 8, 9.100000
+cdecl: 1, 2.300000, a
+stdcall: 4, 5.600000, b
+fastcall: 7, 8.900000, c
+cdecl: 2, 3.400000, a
+stdcall: 5, 6.700000, b
+fastcall: 8, 9.100000, c
 --CLEAN--
 <?php
 unlink(__DIR__ . '/callconv.h');
diff --git a/ext/ffi/tests/callconv_x86.dll b/ext/ffi/tests/callconv_x86.dll
index f4818d10916842c21a0663df68cbc6608fab8865..f13446ee4e0e3f8689bb83a36cbe3fcf1168e006 100644
GIT binary patch
delta 2572
zcmcgteQZ<L6~E81W5+SEAtnh+g;Q_{S-Z#|?_tMzfuzN4&`1d-4VaP!lY|)$P}KNM
z867y(HYE$ySZ{;S7EMVPHl~d>TU18Bg260JG*%_rT2Se<WJC1Pq#9xYMFryhu0Og6
z_3vHzynD~@{LaUH_q^-Q^_}aFi;6k&)3r|oFIZY%j%?1JNXxO(lM{!bUn$p)A4$wP
z<3CBv`qZo$4?~}HXvbf{9NDa$_&H{iQ<2b3&g_KU<eZ&gJd-mkp+CE)*~fB_)Tnb4
zvXN7*Ab-E~W@8$hB#K9~xf}z@0kR~CW>G7*DXXZMkT8G&+QqHpEc6WbJZGd?iW0?~
zhT0TA;4DMGQEcVtq{8r;^2wln*loP6H@J0mp&89>{bHp#E@^zfD<TH@&3HT>x@2sO
zT~3eZx@W$bA7%VQDgH$RNjZSeVr%rn7rzd_*>{zZHz&!;#)}$4N0cV+`}Br#rDjS+
z$h1m+k1kfN__m%S#M5|DNBjm~pBYZuvIy}L*^mi59F^4e=*<yqRaVmNs*+$ie8bT|
zt$aoUY?BfXA0EC=<n#TACFQf>=!rz7Qh5p%kc)gB%o<=;L&Ex@YMY%H6bNg(cC_*H
z58e0YQL4NNK=_(I@;#=Q)r5543auppQ-i!VSxtc6S1k{A*WPOBS_CffG`;ZrSnS7*
zpU0(t$vun{^Q+}6SX}n&d{MTYXHaK<k%br{(V)^Eoqo3FmrRqt${^&Z`+BJLJ_%JO
zs*xJxLAIZLu*g%$9x7%yNmqw6$BT(e)f%~mrSjOv!cl$Ch3*Rv7bG7;oVavd&PbQ!
zPL(vtN_wAumbtOu+=F<$`&O59J#tqceg(0&Y(-bdM`@Khe{~y-TN;=i{CedFClU{+
zLh%f#CQ05!gX+(?fuS9m6I{-p6Uoliq2`!8_nOwr)zMvA%N`T(NHn09UqV&W1#&j@
zI=P&&0cY5vG1&%Xkc;8i$B`r)_2_$mx`3hs5{$CsS}hl2G5saTav@f79v)E8gz_Kh
zJ#9(w9W;o?(-@PFV1f8LUkeJ7-(_%29!-Gy@b59RbZ;~G=396oLg=7|Na_*QPB?J#
zZ`m>Qz=9H#wkRSVO)6UW9b|sfHwU>!mO3<}>#X#$vkC;2gWOoGp<B{K?&4L=bJ9Wi
z0rrhbRz>bgE0WceFn6@5-q*&8D@dw=r)<&b@AfOv9<NHXTSJqk^Q?A%k>|0|&}jUx
zqjnXub-8D|+;d&-`=?HwI?w!*09=4Q3b1KJ#fsquxfjM_ew93lcY4{c@sVQW+DcdI
zs<|H8s;lLu=#Z{Vo0(`9jXa-0r*(zgHL6}@<_^%u7j<#B=-EZS%-7L0@4Zgza#m(-
zX&CNhS}(NkD17(m%Q-ui$0cK2GQ=evyH&0l@Tsvf<#+I9hb|QiY4md(olwjKkFO?V
zzJ!oRFn<DxLVgALC$IyUcS6=fED$zMt|H_ONC$+C6X1P?^&!l=AXSi65F;cL!p29i
zPp0_G3vnX<8#K7Y6@0v?xLHd`d!VJ+yLYdvsJI2l?i5PMZf|?w8x07PzM9#!Q3p}3
zfEbhU(>5Jc2Gzq>|B#K{7^SP>?Ss+xkda;S3r8RI=C0!i?ayuE?$O1@d@h5Q8rLn$
z1BnU3BoaOSWc^0AOCvpOyi&Xque|KV7H_}{GqT`hQ@XjmBLyqz!KL|?$IWSLpxL~k
zx*9}+b540MZ2NYGom`03CwaYeVrgzIE^E>WMp+`Txr4FO|4U`9$z%h?$yZgjhv{Y;
z<IDnMn@?eOhH0oZFPH0}?z|9ZrDJ&}?gE~Ls$b+1!v{1gzi`7F1;p?+gt6Jc4IO9m
zZbZYT2|m_@)IhI??1c1zT?J`_v_n4*iO_xdtNd$7b4zRU-lpBs{$|pYYKDYXWnII<
zI#Vsg*6(9&DI#R=0;~`1)&i_%0Tu;T1x&L5`+`2mFWmEgYy6?Z1;GsVum6Wfl**t1
zFNU)eTGm)RmM+U#%cqug*8SF(ti9HL>$}$T*2~r<wr|-s*tXcbwsu>$?V9aN+pq1{
z?elg!FY-_G&+z;C0Dpk*<d5*jc*_5b@8?hRZ}DgO5BNXvf8jsor}!`UfAe?vIG-gf
z6H0}0;R(Sjv<W{HjtIR$;S=E>!VO_YxGl^J(wb$Ca);m1=NNH(?2sL^4yALc^D$?Y
z^Eu}Z=PqZ!dB}Og`5$L~`JM8mE|bgYs&+l)^0@Z7UUWrV{jOnGc7>tBTw$xIt=LvE
zQ*o!_K}ES(E7pr)@m2AJI3S)8hs9CxBk^zIr{bh|LoAySZ;Nx{yr`_yR^l9SH29G=
d%YfyyrPtbLJ#9V5U*%`{Io>D~2)Lrg{|hro3Sa;L

delta 2671
zcmcgte{5679lvwz_$9I92XTIMVUQmVp%g{7^Iq&YFHKTN3lkAxq?AAnb7NA+N!zr%
z2SI~6nVmIhR0f>bhSVXTr~-zjjL<f8baLm85-F2RDp3ZgEn1cwq(~l`veBh|``)wD
zg--i-Cw=a|-_Q4Rci;QId++tG>0NVB(sB6E<4=St+dp_`kMWbKdAu5`pV|ffY}drJ
ztc};E_i5v&)BCkCKD`^p#lDGY1;#zbiKz}48#-@jenaOcTD+li)fCe;bY9i`A9l0_
z*dFNNcF3ObXmcY%>#+fiUaa=cN54S2;w+q<i?V@PoMiQ+7;nh1mmw4Z;sV)=OR+$H
zg}31z@&K3XxC~OF+l_^hqq=ACVg2gReGA`c3V+Gnw=B}zRD}ziD?&USQB^hk5$}zS
zKh&Nc`trZ@mzX}B(*MDP7EVa%x%u@s2I5Tp^t_rwdL}2A^~-QOnbMbXw+sl)80foX
zk)fpAgb`}>!kR%oFl>W~?hJ&2h-Re&ABkEbSK*9QN4$pekP9Y8qH+^`g9ENf4_!NS
zfnL}!u#fFpngz33`=iRE^mB-SxG2!WqB4uBnJoITVM`_Ab+D}S=74wl<HosfAXi!o
zMC7KjnsP>jh7#e&k-Tg(ElH*!TUEtGjOpJC%~)RdPOHja=xZzztBejcCH#YCn2cI?
zY~MB(3mWNr5E>7f0&#X82jqI9$d35_=&Qc9Z!wF`r6DxXI2qnKhr+d5Hp&)yo}K3<
zh|oVm2H`TsqxtM|Vf`RdmDL<w#Wsf0$kxhe{mdeI4CblIB>e|e=YJ$ro=Pae5;{R{
zr?1B!kP2g7{TpAa>QG`(nGCB~De0e8mTqc>3qlp(H*IEC<XbBUDfFwdA*`k;Yd1Z^
zg3ptP@fJQZ;^TgfvoC1{8EuBNWAtlc$n@a`@_eSfgNHzWR5sEs$aJQF&OxHhbS0Am
zo#u?jXel_uI0nx>4!cC6t(GIeJ_c+gs%VO3N!v*Cz?iuQVrl}58leLRZXrE=IIBE#
zmQ|tE8>4%`faOgAKO{tdtrdq})JRL@B#dmgw;6rsIP|bUct3{}<7LB-U;?IZvM2FV
zh(HE<XB1Z4n{+Z^-ivJB%$;HEWjpuQ`q;CQ^}{&ijcp!Mxc*tF(>GXoj{XhK3~4Nf
z+Lk0!DP(iuidq8QEHhKml^=6PXYAoIb<oTb9yABEzDw(waL_DkeGl}P4QxX^jJJDZ
zK?D5)YBnC^0(==t<LOrNq^SXqkO5N@PLOM+ip*T?hH%uZC)wsge3z^=+wdUSU>?LO
z`Lj8YehTiz?@p1YvX`fyW9B(9ODzlE^6|h;ax(kbmF#e870rj&M^&tY>8irRo3S}?
zorjl9&+hj7@Ir?_TC#m)iRGU-1l8FXuI**n?rZPc&t1@=sGI@DJ76d+mfv{ih8pL>
ziMrE$a@`p{EUOqt4<HmBi=ENIO7hAx9AppVp(M$}>jWN2dPO{V*`q(xywQW&Fx1G6
z#h@arkt@2s(D4-rWdl|LrT}rkyMX)U2)zztH=qSj4`A)|a)izU1^}$R4Z2Lg0l+JO
zW<V9d2FL@j_8DjsDSc)kT!#NN5?bt80bib7vcJvO)#WKF^RFr@YX=6QcHb`fA@Wdh
z&I|M3fA)!L23Sh~RwhT^{u@kSGs+J!|94{SW3&P$_du-YJ2CbfS=deyUrrt7$%&jD
zB(CG}O@giY7?Ve=b&uqOkO7uL?ECZ7>X!BFWIg0%>!)Si@N_C(@%v;SLOkpQPbuZw
zcJ(A_WF;@;=GPv#%}3=n+q#AZ5F)s7sTqvhx|MOK7ji90-8u4MZcY>Y7*H=LDzt@d
zJxo3S|Et)U-0VVGvRV}#%(pq2Mh{Pf6(Ge`GOmCW=jGr5BIbqh5^^zb89obrq2Xu_
z;z!AYyux*%0>mE%Fg0uNcTm~58+L$0Bls|A*aE&E&<!{a>UuyoAk2Kg5#r5X9(1BM
z|IW6q9qr1CZD>d85@=q%LrZdP>e{d^#=*81A+&D+Hw;(I58RdoTpYN1;0hLSUy*zH
zg&qI5%RcgQK`8C~61_fTg`!}4p}or9VvpF*+i%$G9G#9H$5F>I$9s-Tjxk4;GspR)
zv)Q@T+2xEluQ{pnWaa0T4=O7Jm+*wJPUsL`5)|RbLZ9%Oa6mXByeYgToE3g6j0#cV
ziVzoW34ayt3JKvWK`&ZGn<$92;<I9>D2sjKFGAu~@rHO?oEGni55(>&t4nb0bp6ux
zd)J>_ldik2glpC{=hC@3_xIgSceT6Dz0tkR9dpOse|Jw*->;sl&h;$ylzOT>Kk#hu
zJm=~29P`Y2{^j9omey3)tf{$PbGznFO_@|J)l1#dUg;;&LFuS;R=Oa)FGZ!x(&BMx
kLb@(}CQV9rrGzvqrPmU^*lM~WP)L`9bXSPvL*4kl0a@@itpET3

-- 
2.50.0