Dev news

Commit cc545f3113b for php.net

commit cc545f3113b1806b69b7e1ec29aeb966590fa599
Author: Weilin Du <weilindu@php.net>
Date:   Sat Jun 20 12:35:37 2026 +0800

    ext/standard: Reject NUL bytes in openlog() (#22366)

    When the value of the parameter of openlog() contains NUL byte(s),
    throw a ValueError instead of silently truncates it.

diff --git a/NEWS b/NEWS
index 363c5250640..0842807e12a 100644
--- a/NEWS
+++ b/NEWS
@@ -257,6 +257,8 @@ PHP                                                                        NEWS
     contains null bytes. (Weilin Du)
   . dl() now raises a ValueError when the $extension_filename argument
     contains null bytes. (Weilin Du)
+  . openlog() now raises a ValueError when the $prefix argument contains
+    null bytes. (Weilin Du)
   . parse_str() now raises a ValueError when the $string argument contains
     null bytes. (Weilin Du)
   . proc_open() now raises a ValueError when the $cwd argument contains
diff --git a/UPGRADING b/UPGRADING
index a9b1f34eae5..c77bfbfa4e0 100644
--- a/UPGRADING
+++ b/UPGRADING
@@ -153,6 +153,8 @@ PHP 8.6 UPGRADE NOTES
     contains null bytes.
   . dl() now raises a ValueError when the $extension_filename argument
     contains null bytes.
+  . openlog() now raises a ValueError when the $prefix argument contains
+    null bytes.
   . parse_str() now raises a ValueError when the $string argument contains
     null bytes.
   . linkinfo() now raises a ValueError when the $path argument is empty.
diff --git a/ext/standard/syslog.c b/ext/standard/syslog.c
index 44b902bf50b..78dfb2297fd 100644
--- a/ext/standard/syslog.c
+++ b/ext/standard/syslog.c
@@ -61,7 +61,7 @@ PHP_FUNCTION(openlog)
 	size_t ident_len;

 	ZEND_PARSE_PARAMETERS_START(3, 3)
-		Z_PARAM_STRING(ident, ident_len)
+		Z_PARAM_PATH(ident, ident_len)
 		Z_PARAM_LONG(option)
 		Z_PARAM_LONG(facility)
 	ZEND_PARSE_PARAMETERS_END();
diff --git a/ext/standard/tests/network/openlog_null_bytes.phpt b/ext/standard/tests/network/openlog_null_bytes.phpt
new file mode 100644
index 00000000000..6d327422781
--- /dev/null
+++ b/ext/standard/tests/network/openlog_null_bytes.phpt
@@ -0,0 +1,16 @@
+--TEST--
+openlog() rejects null bytes in prefix
+--SKIPIF--
+<?php
+if (!function_exists("openlog")) die("skip openlog() is not available");
+?>
+--FILE--
+<?php
+try {
+    openlog("foo\0bar", LOG_NDELAY, LOG_USER);
+} catch (ValueError $e) {
+    echo $e->getMessage(), "\n";
+}
+?>
+--EXPECT--
+openlog(): Argument #1 ($prefix) must not contain any null bytes