From 53f8369e6f80fcedd13566ec9a9f0302dd4ff32b Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Tue, 24 Feb 2026 20:58:01 +0000
Subject: [PATCH 1/2] ext/pcre: preg_match() fix memory leak with invalid
 regexes.

---
 ext/pcre/php_pcre.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ext/pcre/php_pcre.c b/ext/pcre/php_pcre.c
index 5671957daac52..24931466199c2 100644
--- a/ext/pcre/php_pcre.c
+++ b/ext/pcre/php_pcre.c
@@ -1489,7 +1489,8 @@ ZEND_FRAMELESS_FUNCTION(preg_match, 2)
 	/* Compile regex or get it from cache. */
 	pcre_cache_entry *pce;
 	if ((pce = pcre_get_compiled_regex_cache(regex)) == NULL) {
-		RETURN_FALSE;
+		RETVAL_FALSE;
+		goto flf_clean;
 	}
 
 	pce->refcount++;

From e7dffdc25e698136263f044e791eec29dd7d0e9c Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Tue, 24 Feb 2026 20:58:44 +0000
Subject: [PATCH 2/2] add test

---
 ext/pcre/tests/preg_match_frameless_leak.phpt | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 ext/pcre/tests/preg_match_frameless_leak.phpt

diff --git a/ext/pcre/tests/preg_match_frameless_leak.phpt b/ext/pcre/tests/preg_match_frameless_leak.phpt
new file mode 100644
index 0000000000000..52bbfeceee0d1
--- /dev/null
+++ b/ext/pcre/tests/preg_match_frameless_leak.phpt
@@ -0,0 +1,26 @@
+--TEST--
+Memory leak in preg_match() frameless function with invalid regex and object arguments
+--FILE--
+<?php
+class Str {
+    private $val;
+    public function __construct($val) {
+        $this->val = $val;
+    }
+    public function __toString() {
+        return $this->val;
+    }
+}
+
+$regex = new Str("invalid regex");
+$subject = new Str("some subject");
+
+// Running in a loop to ensure leak detection if run with memory tools
+for ($i = 0; $i < 100; $i++) {
+    @preg_match($regex, $subject);
+}
+
+echo "Done";
+?>
+--EXPECT--
+Done