From eef932a8c314657625d758f6a33ea66e4f875bdb Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Thu, 4 Jun 2026 22:35:37 +0530
Subject: [PATCH 1/2] std/dba: validate file permission argument in dba_open()

---
 ext/dba/dba.c                     |  5 ++-
 ext/dba/tests/dba_permission.phpt | 51 +++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 ext/dba/tests/dba_permission.phpt

diff --git a/ext/dba/dba.c b/ext/dba/dba.c
index c0688714fe7c..9801c379fcff 100644
--- a/ext/dba/dba.c
+++ b/ext/dba/dba.c
@@ -563,7 +563,10 @@ static void php_dba_open(INTERNAL_FUNCTION_PARAMETERS, bool persistent)
 		zend_argument_must_not_be_empty_error(3);
 		RETURN_THROWS();
 	}
-	// TODO Check Value for permission
+	if (permission < 0 || (permission & ~07777) != 0) {
+		zend_argument_value_error(4, "Invalid file permission value (must be between 0 and 07777)");
+		RETURN_THROWS();
+	}
 	if (map_size < 0) {
 		zend_argument_value_error(5, "must be greater than or equal to 0");
 		RETURN_THROWS();
diff --git a/ext/dba/tests/dba_permission.phpt b/ext/dba/tests/dba_permission.phpt
new file mode 100644
index 000000000000..1aafb2c94fe5
--- /dev/null
+++ b/ext/dba/tests/dba_permission.phpt
@@ -0,0 +1,51 @@
+--TEST--
+DBA permission validation (invalid bits check)
+--EXTENSIONS--
+dba
+--SKIPIF--
+<?php
+if (!in_array('flatfile', dba_handlers())) die('skip flatfile handler not available');
+?>
+--FILE--
+<?php
+
+$filename = __DIR__ . DIRECTORY_SEPARATOR . 'test.db';
+
+function test($permission, $filename) {
+    try {
+        dba_open($filename, "c", "flatfile", $permission);
+        echo "OK\n";
+    } catch (ValueError $e) {
+        echo "VALUE_ERROR\n";
+    } catch (Throwable $e) {
+        echo "ERROR\n";
+    }
+
+    @unlink($filename);
+}
+
+/* valid permissions */
+test(0777, $filename);
+test(0755, $filename);
+test(0644, $filename);
+test(0000, $filename);
+
+/* invalid permissions */
+test(010000, $filename);
+test(020000, $filename);
+test(-1, $filename);
+
+?>
+--EXPECT--
+OK
+OK
+OK
+OK
+VALUE_ERROR
+VALUE_ERROR
+VALUE_ERROR
+--CLEAN--
+<?php
+$filename = __DIR__ . DIRECTORY_SEPARATOR . 'test.db';
+@unlink($filename);
+?>
\ No newline at end of file

From 0831a46008fee752b4184e99e312a530fa2286b1 Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Thu, 4 Jun 2026 22:37:04 +0530
Subject: [PATCH 2/2] std/dba: validate file permission argument in dba_open()

---
 ext/dba/tests/dba_permission.phpt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/dba/tests/dba_permission.phpt b/ext/dba/tests/dba_permission.phpt
index 1aafb2c94fe5..3b53fd1e40d2 100644
--- a/ext/dba/tests/dba_permission.phpt
+++ b/ext/dba/tests/dba_permission.phpt
@@ -48,4 +48,4 @@ VALUE_ERROR
 <?php
 $filename = __DIR__ . DIRECTORY_SEPARATOR . 'test.db';
 @unlink($filename);
-?>
\ No newline at end of file
+?>