Merge branch 'PHP-8.4'

* PHP-8.4:
  Fix phpGH-15168: stack overflow in json_encode()

Author: nielsdos

ext/json/json_encoder.c

@@ -32,6 +32,15 @@
 
 static const char digits[] = "0123456789abcdef";
 
+static zend_always_inline bool php_json_check_stack_limit(void)
+{
+#ifdef ZEND_CHECK_STACK_LIMIT
+	return zend_call_stack_overflowed(EG(stack_limit));
+#else
+	return false;
+#endif
+}
+
 static int php_json_determine_array_type(zval *val) /* {{{ */
 {
 	zend_array *myht = Z_ARRVAL_P(val);
@@ -117,6 +126,14 @@ static zend_result php_json_encode_array(smart_str *buf, zval *val, int options,
 	HashTable *myht, *prop_ht;
 	zend_refcounted *recursion_rc;
 
+	if (php_json_check_stack_limit()) {
+		encoder->error_code = PHP_JSON_ERROR_DEPTH;
+		if (options & PHP_JSON_PARTIAL_OUTPUT_ON_ERROR) {
+			smart_str_appendl(buf, "null", 4);
+		}
+		return FAILURE;
+	}
+
 	if (Z_TYPE_P(val) == IS_ARRAY) {
 		myht = Z_ARRVAL_P(val);
 		recursion_rc = (zend_refcounted *)myht;

ext/json/tests/gh15168.phpt

@@ -0,0 +1,35 @@
+--TEST--
+GH-15168 (stack overflow in json_encode())
+--SKIPIF--
+<?php
+if (ini_get('zend.max_allowed_stack_size') === false) {
+    die('skip No stack limit support');
+}
+?>
+--INI--
+zend.max_allowed_stack_size=512K
+--FILE--
+<?php
+
+class Node
+{
+    public $next;
+}
+
+$firstNode = new Node();
+$node = $firstNode;
+for ($i = 0; $i < 30000; $i++) {
+    $newNode = new Node();
+    $node->next = $newNode;
+    $node = $newNode;
+}
+
+var_dump(json_encode($firstNode, depth: 500000));
+var_dump(json_last_error());
+var_dump(json_last_error_msg());
+
+?>
+--EXPECT--
+bool(false)
+int(1)
+string(28) "Maximum stack depth exceeded"