From ce38d3a919c1363efbeb592d77df5f255f205419 Mon Sep 17 00:00:00 2001
From: Nikita Popov <nikita.ppv@gmail.com>
Date: Fri, 14 Aug 2020 12:44:13 +0200
Subject: [PATCH] Don't assert mysql->mysql is non-null

There is an edge case in constructor behavior where we can end up
with mysql->mysql being NULL (rather than mysql itself already being
NULL). I think that ultimately that's a bug in the constructor code,
and we should probably be destroying the outer structure on
construction failure as well. However it's pretty hard to unravel
with when considering all the construction permutations.
---
 ext/mysqli/php_mysqli_structs.h               |  5 ++++-
 .../mysqli_incomplete_initialization.phpt     | 22 +++++++++++++++++++
 2 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 ext/mysqli/tests/mysqli_incomplete_initialization.phpt

diff --git a/ext/mysqli/php_mysqli_structs.h b/ext/mysqli/php_mysqli_structs.h
index f02da59848..cc4556c107 100644
--- a/ext/mysqli/php_mysqli_structs.h
+++ b/ext/mysqli/php_mysqli_structs.h
@@ -252,7 +252,10 @@ extern void php_mysqli_fetch_into_hash_aux(zval *return_value, MYSQL_RES * resul
 #define MYSQLI_FETCH_RESOURCE_CONN(__ptr, __id, __check) \
 { \
 	MYSQLI_FETCH_RESOURCE((__ptr), MY_MYSQL *, (__id), "mysqli_link", (__check)); \
-	ZEND_ASSERT((__ptr)->mysql && "Missing connection?"); \
+	if (!(__ptr)->mysql) { \
+		zend_throw_error(NULL, "%s object is not fully initialized", ZSTR_VAL(Z_OBJCE_P(__id)->name)); \
+		RETURN_THROWS(); \
+	} \
 }
 
 #define MYSQLI_FETCH_RESOURCE_STMT(__ptr, __id, __check) \
diff --git a/ext/mysqli/tests/mysqli_incomplete_initialization.phpt b/ext/mysqli/tests/mysqli_incomplete_initialization.phpt
new file mode 100644
index 0000000000..19aa6914ab
--- /dev/null
+++ b/ext/mysqli/tests/mysqli_incomplete_initialization.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Incomplete initialization edge case where mysql->mysql is NULL
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+?>
+--FILE--
+<?php
+
+$mysqli = new mysqli();
+$mysqli->__construct(null);
+$mysqli->close();
+
+?>
+--EXPECTF--
+Warning: mysqli::__construct(): (HY000/2002): No such file or directory in %s on line %d
+
+Fatal error: Uncaught Error: mysqli object is not fully initialized in %s:%d
+Stack trace:
+#0 %s(%d): mysqli->close()
+#1 {main}
+  thrown in %s on line %d
-- 
2.50.1