Commit 757898b1ca9 for php.net

commit 757898b1ca933ff887090fc7dffff891511d1f7a
Merge: d82430824bd 1a5a81ca9f1
Author: Ilia Alshanetsky <ilia@ilia.ws>
Date:   Wed Jun 17 07:14:41 2026 -0400

    Merge branch 'PHP-8.4' into PHP-8.5

    * PHP-8.4:
      Fix buffer overflow converting @@IDENTITY in pdo_dblib lastInsertId

diff --cc ext/pdo_dblib/dblib_driver.c
index 88f979581c2,d1d849168ba..d3fb1b70931
--- a/ext/pdo_dblib/dblib_driver.c
+++ b/ext/pdo_dblib/dblib_driver.c
@@@ -233,8 -233,9 +233,8 @@@ zend_string *dblib_handle_last_id(pdo_d
  	pdo_dblib_db_handle *H = (pdo_dblib_db_handle *)dbh->driver_data;

  	RETCODE ret;
- 	BYTE id[32];
 -	char *id = NULL;
++	BYTE id[40];
  	size_t len;
 -	zend_string *ret_id;

  	/*
  	 * Would use scope_identity() but it's not implemented on Sybase
@@@ -266,10 -267,13 +266,10 @@@
  		return NULL;
  	}

- 	len = dbconvert(NULL, (dbcoltype(H->link, 1)) , (dbdata(H->link, 1)) , (dbdatlen(H->link, 1)), SQLCHAR, (BYTE *)id, (DBINT)-1);
 -	id = emalloc(40);
 -	len = dbconvert(NULL, (dbcoltype(H->link, 1)) , (dbdata(H->link, 1)) , (dbdatlen(H->link, 1)), SQLCHAR, (BYTE *)id, (DBINT)40);
++	len = dbconvert(NULL, (dbcoltype(H->link, 1)) , (dbdata(H->link, 1)) , (dbdatlen(H->link, 1)), SQLCHAR, (BYTE *)id, (DBINT)sizeof(id));
  	dbcancel(H->link);

 -	ret_id = zend_string_init(id, len, 0);
 -	efree(id);
 -	return ret_id;
 +	return zend_string_init((const char *) id, len, 0);
  }

  static bool dblib_set_attr(pdo_dbh_t *dbh, zend_long attr, zval *val)