From 1674a4c3836be152f1dd30f18c1c26ccef376957 Mon Sep 17 00:00:00 2001
From: George Peter Banyard <girgias@php.net>
Date: Thu, 6 Apr 2023 15:29:13 +0100
Subject: [PATCH 1/2] Prevent unnecessary string duplication in assert()

---
 ext/standard/assert.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/ext/standard/assert.c b/ext/standard/assert.c
index 0b43033dd4d30..35ff4988afa17 100644
--- a/ext/standard/assert.c
+++ b/ext/standard/assert.c
@@ -34,8 +34,6 @@ ZEND_DECLARE_MODULE_GLOBALS(assert)
 
 #define ASSERTG(v) ZEND_MODULE_GLOBALS_ACCESSOR(assert, v)
 
-#define SAFE_STRING(s) ((s)?(s):"")
-
 PHPAPI zend_class_entry *assertion_error_ce;
 
 static PHP_INI_MH(OnChangeCallback) /* {{{ */
@@ -151,9 +149,12 @@ PHP_FUNCTION(assert)
 		zval args[4];
 		zval retval;
 		uint32_t lineno = zend_get_executed_lineno();
-		const char *filename = zend_get_executed_filename();
+		zend_string *filename = zend_get_executed_filename_ex();
+		if (UNEXPECTED(!filename)) {
+			filename = ZSTR_KNOWN(ZEND_STR_UNKNOWN_CAPITALIZED);
+		}
 
-		ZVAL_STRING(&args[0], SAFE_STRING(filename));
+		ZVAL_STR(&args[0], filename);
 		ZVAL_LONG(&args[1], lineno);
 		ZVAL_NULL(&args[2]);
 

From 8eccf874f18eca3809441c17011e0baed3715ff5 Mon Sep 17 00:00:00 2001
From: George Peter Banyard <girgias@php.net>
Date: Sat, 6 May 2023 13:51:04 +0100
Subject: [PATCH 2/2] Fix use after free

---
 ext/standard/assert.c                         |  1 -
 .../assert/assert_closures_multiple.phpt      | 35 +++++++++++++++++++
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 ext/standard/tests/assert/assert_closures_multiple.phpt

diff --git a/ext/standard/assert.c b/ext/standard/assert.c
index 35ff4988afa17..74467eb433f03 100644
--- a/ext/standard/assert.c
+++ b/ext/standard/assert.c
@@ -167,7 +167,6 @@ PHP_FUNCTION(assert)
 			call_user_function(NULL, NULL, &ASSERTG(callback), &retval, 3, args);
 		}
 
-		zval_ptr_dtor(&args[0]);
 		zval_ptr_dtor(&retval);
 	}
 
diff --git a/ext/standard/tests/assert/assert_closures_multiple.phpt b/ext/standard/tests/assert/assert_closures_multiple.phpt
new file mode 100644
index 0000000000000..e63c355299f39
--- /dev/null
+++ b/ext/standard/tests/assert/assert_closures_multiple.phpt
@@ -0,0 +1,35 @@
+--TEST--
+assert() asserting multiple with callback
+--INI--
+assert.active = 1
+assert.warning = 1
+assert.bail = 0
+assert.exception=1
+--FILE--
+<?php
+assert_options(ASSERT_CALLBACK, function ($f) {});
+try {
+    assert(false);
+} catch (Throwable) {}
+try {
+    assert(false);
+} catch (Throwable) {}
+try {
+    assert(false);
+} catch (Throwable) {}
+try {
+    assert(false);
+} catch (Throwable) {}
+try {
+    assert(false);
+} catch (Throwable) {}
+try {
+    assert(false);
+} catch (Throwable) {}
+try {
+    assert(false);
+} catch (Throwable) {}
+?>
+DONE
+--EXPECT--
+DONE