From 7cae6eb8dbee7012691f89f5358ceee44c1b32c2 Mon Sep 17 00:00:00 2001
From: Ilija Tovilo <ilija.tovilo@me.com>
Date: Mon, 17 Jul 2023 22:11:49 +0200
Subject: [PATCH] Fix hash_pbkdf2 options parameter

The value needs to be initialized to NULL as it is optional. Furthermore, the
parameter was completely missing in the stub signature.

Closes GH-11731
---
 NEWS                    | 4 ++++
 ext/hash/hash.c         | 2 +-
 ext/hash/hash.stub.php  | 2 +-
 ext/hash/hash_arginfo.h | 3 ++-
 4 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index 1da7166ec8f..3ea905cc0be 100644
--- a/NEWS
+++ b/NEWS
@@ -38,6 +38,10 @@ PHP                                                                        NEWS
 - GD:
   . Fix most of the external libgd test failures. (Michael Orlitzky)
 
+- Hash:
+  . Fix use-of-uninitialized-value in hash_pbkdf2(), fix missing $options
+    parameter in signature. (ilutov)
+
 - Intl:
   . Fix memory leak in MessageFormatter::format() on failure. (Girgias)
 
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 5b33d946376..2d29ff61fa0 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -992,7 +992,7 @@ PHP_FUNCTION(hash_pbkdf2)
 	bool raw_output = 0;
 	const php_hash_ops *ops;
 	void *context;
-	HashTable *args;
+	HashTable *args = NULL;
 
 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "Sssl|lbh", &algo, &pass, &pass_len, &salt, &salt_len, &iterations, &length, &raw_output, &args) == FAILURE) {
 		RETURN_THROWS();
diff --git a/ext/hash/hash.stub.php b/ext/hash/hash.stub.php
index 6795ecaa87c..f5e77452ef5 100644
--- a/ext/hash/hash.stub.php
+++ b/ext/hash/hash.stub.php
@@ -44,7 +44,7 @@ function hash_algos(): array {}
 function hash_hmac_algos(): array {}
 
 /** @refcount 1 */
-function hash_pbkdf2(string $algo, string $password, string $salt, int $iterations, int $length = 0, bool $binary = false): string {}
+function hash_pbkdf2(string $algo, string $password, string $salt, int $iterations, int $length = 0, bool $binary = false, array $options = []): string {}
 
 function hash_equals(string $known_string, string $user_string): bool {}
 
diff --git a/ext/hash/hash_arginfo.h b/ext/hash/hash_arginfo.h
index 8ce7ba03aa5..5168c81f459 100644
--- a/ext/hash/hash_arginfo.h
+++ b/ext/hash/hash_arginfo.h
@@ -1,5 +1,5 @@
 /* This is a generated file, edit the .stub.php file instead.
- * Stub hash: 8b5131fd7bd88d1ec0211bcfcb5a4854418aa3c8 */
+ * Stub hash: 66d99527cf6d7b37ff652bb78fa57d5e3d5c78d9 */
 
 ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_hash, 0, 2, IS_STRING, 0)
 	ZEND_ARG_TYPE_INFO(0, algo, IS_STRING, 0)
@@ -74,6 +74,7 @@ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_hash_pbkdf2, 0, 4, IS_STRING, 0)
 	ZEND_ARG_TYPE_INFO(0, iterations, IS_LONG, 0)
 	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, length, IS_LONG, 0, "0")
 	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, binary, _IS_BOOL, 0, "false")
+	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, options, IS_ARRAY, 0, "[]")
 ZEND_END_ARG_INFO()
 
 ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_hash_equals, 0, 2, _IS_BOOL, 0)