From aa366b51137e43ccf2cbdfe104b5a36b5590ecf5 Mon Sep 17 00:00:00 2001
From: Peter Kokot <peterkokot@gmail.com>
Date: Mon, 7 Jul 2025 07:54:29 +0200
Subject: [PATCH 1/4] Update re2c minimum versions in Windows checks and docs
 (#19039)

---
 docs/release-process.md  | 8 ++++----
 win32/build/confutils.js | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/release-process.md b/docs/release-process.md
index 015872096a15..37cf04dd7059 100644
--- a/docs/release-process.md
+++ b/docs/release-process.md
@@ -210,8 +210,8 @@ slightly different steps. We'll call attention where the steps differ.
    > Do *not* bump the API versions after RC1.
 
 5. Compile and run `make test`, with and without ZTS (Zend Thread Safety), using
-   the correct Bison and re2c versions, e.g., for PHP 7.4, Bison 3.0.0 and re2c
-   0.13.4 are required, as a minimum.
+   the correct Bison and re2c versions, e.g., for PHP 8.5, Bison 3.0.0 and re2c
+   1.0.3 are required, as a minimum.
 
    For example:
 
@@ -555,8 +555,8 @@ slightly different steps. We'll call attention where the steps differ.
    an example.
 
 6. Compile and run `make test`, with and without ZTS (Zend Thread Safety), using
-   the correct Bison and re2c versions, e.g., for PHP 7.4, Bison 3.0.0 and re2c
-   0.13.4 are required, as a minimum.
+   the correct Bison and re2c versions, e.g., for PHP 8.5, Bison 3.0.0 and re2c
+   1.0.3 are required, as a minimum.
 
    For example:
 
diff --git a/win32/build/confutils.js b/win32/build/confutils.js
index 0f97a1a2d29c..244defdf68f7 100644
--- a/win32/build/confutils.js
+++ b/win32/build/confutils.js
@@ -56,7 +56,7 @@ var WINVER = "0x0602"; /* 8/2012 */
 var MINBISON = "3.0.0";
 
 // There's a minimum requirement for re2c..
-var MINRE2C = "0.13.4";
+var MINRE2C = "1.0.3";
 
 /* Store the enabled extensions (summary + QA check) */
 var extensions_enabled = new Array();

From c2af281c0c2dba355eb342b4871df2bc09665c19 Mon Sep 17 00:00:00 2001
From: Peter Kokot <peterkokot@gmail.com>
Date: Mon, 7 Jul 2025 09:40:03 +0200
Subject: [PATCH 2/4] Use <winsock2.h> instead of legacy <winsock.h> (#19037)

This also omits defining unused HAVE_WINSOCK_H macro when building
ext/sockets.
---
 ext/mysqlnd/mysqlnd_vio.c | 2 +-
 ext/sockets/config.w32    | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/ext/mysqlnd/mysqlnd_vio.c b/ext/mysqlnd/mysqlnd_vio.c
index 67210f083a96..3a3f7b207214 100644
--- a/ext/mysqlnd/mysqlnd_vio.c
+++ b/ext/mysqlnd/mysqlnd_vio.c
@@ -26,7 +26,7 @@
 #ifndef PHP_WIN32
 #include <netinet/tcp.h>
 #else
-#include <winsock.h>
+#include <winsock2.h>
 #endif
 
 
diff --git a/ext/sockets/config.w32 b/ext/sockets/config.w32
index 10400985af5c..727d0c06fb6b 100644
--- a/ext/sockets/config.w32
+++ b/ext/sockets/config.w32
@@ -4,8 +4,7 @@ ARG_ENABLE("sockets", "SOCKETS support", "no");
 
 if (PHP_SOCKETS != "no") {
 	if (CHECK_LIB("ws2_32.lib", "sockets", PHP_SOCKETS)
-	&& CHECK_LIB("Iphlpapi.lib", "sockets", PHP_SOCKETS)
-	&& CHECK_HEADER_ADD_INCLUDE("winsock.h", "CFLAGS_SOCKETS")) {
+	&& CHECK_LIB("Iphlpapi.lib", "sockets", PHP_SOCKETS)) {
 		EXTENSION('sockets', 'sockets.c multicast.c conversions.c sockaddr_conv.c sendrecvmsg.c', PHP_SOCKETS_SHARED, "/DZEND_ENABLE_STATIC_TSRMLS_CACHE=1");
 		AC_DEFINE('HAVE_SOCKETS', 1, "Define to 1 if the PHP extension 'sockets' is available.");
 		PHP_INSTALL_HEADERS("ext/sockets", "php_sockets.h windows_common.h");

From 258fbd6bf958a7743c479152fcc4806379d0a6d1 Mon Sep 17 00:00:00 2001
From: Peter Kokot <peterkokot@gmail.com>
Date: Mon, 7 Jul 2025 09:51:25 +0200
Subject: [PATCH 3/4] Fix -Wuseless-escape warnings emitted by re2c (#19050)

re2c version 4 enabled some warnings by default. This fixes re2c code
for the `-Wuseless-escape` warnings.

There are two same issues reported.
Issue: GH-17523
Closes: GH-17204
---
 NEWS                         | 1 +
 Zend/zend_ini_scanner.l      | 6 +++---
 Zend/zend_language_scanner.l | 4 ++--
 sapi/phpdbg/phpdbg_lexer.l   | 2 +-
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/NEWS b/NEWS
index 84add23a52e0..d0d8c25df532 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,7 @@ PHP                                                                        NEWS
     order). (Daniil Gentili)
   . Fix OSS-Fuzz #427814456. (nielsdos)
   . Fix OSS-Fuzz #428983568 and #428760800. (nielsdos)
+  . Fixed bug GH-17204 -Wuseless-escape warnings emitted by re2c. (Peter Kokot)
 
 - Curl:
   . Fix memory leaks when returning refcounted value from curl callback.
diff --git a/Zend/zend_ini_scanner.l b/Zend/zend_ini_scanner.l
index 44159297a04e..b87f4e33cc8f 100644
--- a/Zend/zend_ini_scanner.l
+++ b/Zend/zend_ini_scanner.l
@@ -352,16 +352,16 @@ restart:
 /*!re2c
 re2c:yyfill:check = 0;
 LNUM [0-9]+
-DNUM ([0-9]*[\.][0-9]+)|([0-9]+[\.][0-9]*)
+DNUM ([0-9]*[.][0-9]+)|([0-9]+[.][0-9]*)
 NUMBER [-]?{LNUM}|{DNUM}
 ANY_CHAR (.|[\n\t])
 NEWLINE	("\r"|"\n"|"\r\n")
 TABS_AND_SPACES [ \t]
 WHITESPACE [ \t]+
 CONSTANT [a-zA-Z_][a-zA-Z0-9_]*
-LABEL_CHAR [^=\n\r\t;&|^$~(){}!"\[\]\x00]
+LABEL_CHAR [^=\n\r\t;&|^$~(){}!"[\]\x00]
 LABEL ({LABEL_CHAR}+)
-TOKENS [:,.\[\]"'()&|^+-/*=%$!~<>?@{}]
+TOKENS [:,.[\]"'()&|^+-/*=%$!~<>?@{}]
 OPERATORS [&|^~()!]
 DOLLAR_CURLY "${"
 
diff --git a/Zend/zend_language_scanner.l b/Zend/zend_language_scanner.l
index 25e1ecbca6f5..3ea51fe7c9d0 100644
--- a/Zend/zend_language_scanner.l
+++ b/Zend/zend_language_scanner.l
@@ -1801,11 +1801,11 @@ OPTIONAL_WHITESPACE_OR_COMMENTS ({WHITESPACE}|{MULTI_LINE_COMMENT}|{SINGLE_LINE_
 	RETURN_TOKEN(T_MUL_EQUAL);
 }
 
-<ST_IN_SCRIPTING>"*\*" {
+<ST_IN_SCRIPTING>"**" {
 	RETURN_TOKEN(T_POW);
 }
 
-<ST_IN_SCRIPTING>"*\*=" {
+<ST_IN_SCRIPTING>"**=" {
 	RETURN_TOKEN(T_POW_EQUAL);
 }
 
diff --git a/sapi/phpdbg/phpdbg_lexer.l b/sapi/phpdbg/phpdbg_lexer.l
index 60d995526ea2..ba1423c5a4ec 100644
--- a/sapi/phpdbg/phpdbg_lexer.l
+++ b/sapi/phpdbg/phpdbg_lexer.l
@@ -77,7 +77,7 @@ T_IF        'if'
 T_RUN       'run'
 T_RUN_SHORT "r"
 WS          [ \r\t]+
-DIGITS      [-]?[0-9\.]+
+DIGITS      [-]?[0-9.]+
 ID          [^ \r\n\t:#\000]+
 GENERIC_ID  ([^ \r\n\t:#\000"']|":\\")+|["]([^\n\000"\\]|"\\\\"|"\\"["])+["]|[']([^\n\000'\\]|"\\\\"|"\\"['])+[']
 ADDR        [0][x][a-fA-F0-9]+

From b068ee307f3185ecd4d2a2f476c005bcc24e873a Mon Sep 17 00:00:00 2001
From: Zheng Yu <dataisland@outlook.com>
Date: Mon, 7 Jul 2025 05:57:43 -0400
Subject: [PATCH 4/4] Fix unreachable code in URL output handler (#19056)

Since `ZSTR_LEN()` returns a `size_t` (unsigned integer), the value can only be either "not equal to 0" or "equal to 0". The third `else` branch was unreachable, making the `*handled_output = NULL;` assignment dead code.
---
 ext/standard/url_scanner_ex.re | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/ext/standard/url_scanner_ex.re b/ext/standard/url_scanner_ex.re
index e3c4477cde36..46254bf38085 100644
--- a/ext/standard/url_scanner_ex.re
+++ b/ext/standard/url_scanner_ex.re
@@ -701,7 +701,7 @@ static inline void php_url_scanner_session_handler_impl(char *output, size_t out
 				len = UINT_MAX;
 		}
 		*handled_output_len = len;
-	} else if (ZSTR_LEN(url_state->url_app.s) == 0) {
+	} else {
 		url_adapt_state_ex_t *ctx = url_state;
 		if (ctx->buf.s && ZSTR_LEN(ctx->buf.s)) {
 			smart_str_append(&ctx->result, ctx->buf.s);
@@ -715,8 +715,6 @@ static inline void php_url_scanner_session_handler_impl(char *output, size_t out
 		} else {
 			*handled_output = estrndup(output, *handled_output_len = output_len);
 		}
-	} else {
-		*handled_output = NULL;
 	}
 }