From d12ec59df8493d06a4b34fe2ece1162f25e31039 Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Wed, 8 Jan 2025 04:00:14 +0000
Subject: [PATCH] Fix GH-17400: bindtextdomain segfault with UTF-16 domain
 value.

The provided domain could be a non ascii value even if not supposed to,
in the error reported case was of 4 code points long but domain is "empty" leading to
a NULL return. It worked up to 8.3 "by accident" before the zend_string
conversion and check prior for emptiness.
---
 ext/gettext/gettext.c          |  4 ++--
 ext/gettext/tests/gh17400.phpt | 19 +++++++++++++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)
 create mode 100644 ext/gettext/tests/gh17400.phpt

diff --git a/ext/gettext/gettext.c b/ext/gettext/gettext.c
index 53eaf7975457d..27f0dfa26da70 100644
--- a/ext/gettext/gettext.c
+++ b/ext/gettext/gettext.c
@@ -183,9 +183,9 @@ PHP_FUNCTION(bindtextdomain)
 	char *retval, dir_name[MAXPATHLEN], *btd_result;
 
 	ZEND_PARSE_PARAMETERS_START(1, 2)
-		Z_PARAM_STR(domain)
+		Z_PARAM_PATH_STR(domain)
 		Z_PARAM_OPTIONAL
-		Z_PARAM_STR_OR_NULL(dir)
+		Z_PARAM_PATH_STR_OR_NULL(dir)
 	ZEND_PARSE_PARAMETERS_END();
 
 	PHP_GETTEXT_DOMAIN_LENGTH_CHECK(1, ZSTR_LEN(domain))
diff --git a/ext/gettext/tests/gh17400.phpt b/ext/gettext/tests/gh17400.phpt
new file mode 100644
index 0000000000000..836b792bf0de7
--- /dev/null
+++ b/ext/gettext/tests/gh17400.phpt
@@ -0,0 +1,19 @@
+--TEST--
+GH-17400 bindtextdomain segfaults with invalid domain/domain with null bytes.
+--EXTENSIONS--
+gettext
+--CREDITS--
+YuanchengJiang
+--FILE--
+<?php
+$utf16_first_le = pack("H*", "00d800dc");
+$utf16le_char_bad = pack("H*", "00dc00dc");
+
+try {
+	bindtextdomain($utf16le_char_bad,$utf16_first_le);
+} catch (\ValueError $e) {
+	echo $e->getMessage();
+}
+?>
+--EXPECT--
+bindtextdomain(): Argument #1 ($domain) must not contain any null bytes