From da0c65e646dfda4eb0949afd5aea8c7f84d95359 Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Wed, 11 Feb 2026 22:14:34 +0530
Subject: [PATCH 1/7] ext/standard: Validate scandir() sorting_order parameter

---
 ext/standard/dir.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/ext/standard/dir.c b/ext/standard/dir.c
index 7c1f8efe68875..bbaeb45b8af7b 100644
--- a/ext/standard/dir.c
+++ b/ext/standard/dir.c
@@ -537,6 +537,13 @@ PHP_FUNCTION(scandir)
 		Z_PARAM_RESOURCE_OR_NULL(zcontext)
 	ZEND_PARSE_PARAMETERS_END();
 
+	if (flags != PHP_SCANDIR_SORT_ASCENDING &&
+			flags != PHP_SCANDIR_SORT_DESCENDING &&
+			flags != PHP_SCANDIR_SORT_NONE) {
+		zend_argument_value_error(2, "must be one of SCANDIR_SORT_ASCENDING, SCANDIR_SORT_DESCENDING, or SCANDIR_SORT_NONE");
+		RETURN_THROWS();
+	}
+
 	if (dirn_len < 1) {
 		zend_argument_must_not_be_empty_error(1);
 		RETURN_THROWS();

From 6341dd6100d89c5569c5a981ec03a700fcbef89b Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Wed, 11 Feb 2026 22:14:51 +0530
Subject: [PATCH 2/7] ext/standard: Validate scandir() sorting_order parameter

---
 .../tests/dir/scandir_invalid_flag.phpt       | 42 +++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 ext/standard/tests/dir/scandir_invalid_flag.phpt

diff --git a/ext/standard/tests/dir/scandir_invalid_flag.phpt b/ext/standard/tests/dir/scandir_invalid_flag.phpt
new file mode 100644
index 0000000000000..01b2135a1daba
--- /dev/null
+++ b/ext/standard/tests/dir/scandir_invalid_flag.phpt
@@ -0,0 +1,42 @@
+--TEST--
+scandir() flag validation and behavior
+--FILE--
+<?php
+
+echo "== Valid flags ==\n";
+
+$valid_flags = [
+    SCANDIR_SORT_ASCENDING,
+    SCANDIR_SORT_DESCENDING,
+    SCANDIR_SORT_NONE,
+];
+
+foreach ($valid_flags as $flag) {
+    $result = scandir(__DIR__, $flag);
+    echo is_array($result) ? "OK\n" : "FAIL\n";
+}
+
+echo "== Invalid flags ==\n";
+
+$invalid_flags = [-1, 3, 999, PHP_INT_MAX];
+
+foreach ($invalid_flags as $flag) {
+    try {
+        scandir(__DIR__, $flag);
+        echo "FAIL\n";
+    } catch (ValueError $e) {
+        echo "OK\n";
+    }
+}
+
+?>
+--EXPECT--
+== Valid flags ==
+OK
+OK
+OK
+== Invalid flags ==
+OK
+OK
+OK
+OK

From b4ceb2cc0d1082397a10a7cc63aa0bb99f9e2230 Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Wed, 11 Feb 2026 22:30:47 +0530
Subject: [PATCH 3/7] ext/standard: Validate scandir() sorting_order parameter

---
 ext/standard/dir.c                            |  6 ++--
 .../tests/dir/scandir_invalid_flag.phpt       | 13 +++-----
 .../tests/dir/scandir_variation9.phpt         | 32 ++++++-------------
 3 files changed, 16 insertions(+), 35 deletions(-)

diff --git a/ext/standard/dir.c b/ext/standard/dir.c
index bbaeb45b8af7b..e8ea1620e4741 100644
--- a/ext/standard/dir.c
+++ b/ext/standard/dir.c
@@ -537,10 +537,8 @@ PHP_FUNCTION(scandir)
 		Z_PARAM_RESOURCE_OR_NULL(zcontext)
 	ZEND_PARSE_PARAMETERS_END();
 
-	if (flags != PHP_SCANDIR_SORT_ASCENDING &&
-			flags != PHP_SCANDIR_SORT_DESCENDING &&
-			flags != PHP_SCANDIR_SORT_NONE) {
-		zend_argument_value_error(2, "must be one of SCANDIR_SORT_ASCENDING, SCANDIR_SORT_DESCENDING, or SCANDIR_SORT_NONE");
+	if (flags != PHP_SCANDIR_SORT_ASCENDING && flags != PHP_SCANDIR_SORT_NONE) {
+		zend_argument_value_error(2, "must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE");
 		RETURN_THROWS();
 	}
 
diff --git a/ext/standard/tests/dir/scandir_invalid_flag.phpt b/ext/standard/tests/dir/scandir_invalid_flag.phpt
index 01b2135a1daba..d08aca20bed28 100644
--- a/ext/standard/tests/dir/scandir_invalid_flag.phpt
+++ b/ext/standard/tests/dir/scandir_invalid_flag.phpt
@@ -7,7 +7,6 @@ echo "== Valid flags ==\n";
 
 $valid_flags = [
     SCANDIR_SORT_ASCENDING,
-    SCANDIR_SORT_DESCENDING,
     SCANDIR_SORT_NONE,
 ];
 
@@ -23,9 +22,8 @@ $invalid_flags = [-1, 3, 999, PHP_INT_MAX];
 foreach ($invalid_flags as $flag) {
     try {
         scandir(__DIR__, $flag);
-        echo "FAIL\n";
     } catch (ValueError $e) {
-        echo "OK\n";
+        echo $e->getMessage() . PHP_EOL;
     }
 }
 
@@ -34,9 +32,8 @@ foreach ($invalid_flags as $flag) {
 == Valid flags ==
 OK
 OK
-OK
 == Invalid flags ==
-OK
-OK
-OK
-OK
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
\ No newline at end of file
diff --git a/ext/standard/tests/dir/scandir_variation9.phpt b/ext/standard/tests/dir/scandir_variation9.phpt
index 56e5575e55904..0df920680dd4c 100644
--- a/ext/standard/tests/dir/scandir_variation9.phpt
+++ b/ext/standard/tests/dir/scandir_variation9.phpt
@@ -21,7 +21,11 @@ mkdir($dir);
 $ints = array (PHP_INT_MAX, -PHP_INT_MAX, 0);
 
 foreach($ints as $sorting_order) {
-    var_dump( scandir($dir, $sorting_order) );
+  try {
+     var_dump( scandir($dir, $sorting_order) );
+  } catch (ValueError $e) {
+    echo $e->getMessage() . PHP_EOL;
+  }
 }
 
 delete_files($dir, 2);
@@ -31,28 +35,10 @@ delete_files($dir, 2);
 $dir = __DIR__ . '/scandir_variation9';
 rmdir($dir);
 ?>
---EXPECT--
+--EXPECTF--
 *** Testing scandir() : usage variations ***
-array(4) {
-  [0]=>
-  string(9) "file2.tmp"
-  [1]=>
-  string(9) "file1.tmp"
-  [2]=>
-  string(2) ".."
-  [3]=>
-  string(1) "."
-}
-array(4) {
-  [0]=>
-  string(9) "file2.tmp"
-  [1]=>
-  string(9) "file1.tmp"
-  [2]=>
-  string(2) ".."
-  [3]=>
-  string(1) "."
-}
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
 array(4) {
   [0]=>
   string(1) "."
@@ -62,4 +48,4 @@ array(4) {
   string(9) "file1.tmp"
   [3]=>
   string(9) "file2.tmp"
-}
+}
\ No newline at end of file

From e3f430bfd2af026ae6d3b078cbf32407b2a749b0 Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Wed, 11 Feb 2026 23:10:32 +0530
Subject: [PATCH 4/7] ext/standard: Validate scandir() sorting_order parameter

---
 ext/standard/tests/dir/scandir_basic.phpt     | 20 ++++++-------------
 .../tests/dir/scandir_variation10.phpt        | 20 +++++++------------
 2 files changed, 13 insertions(+), 27 deletions(-)

diff --git a/ext/standard/tests/dir/scandir_basic.phpt b/ext/standard/tests/dir/scandir_basic.phpt
index d86aa291421d2..7c3446c0d4bed 100644
--- a/ext/standard/tests/dir/scandir_basic.phpt
+++ b/ext/standard/tests/dir/scandir_basic.phpt
@@ -22,8 +22,11 @@ var_dump(scandir($directory));
 echo "\n-- scandir() with all arguments --\n";
 $sorting_order = SCANDIR_SORT_DESCENDING;
 $context = stream_context_create();
-var_dump(scandir($directory, $sorting_order, $context));
-
+try {
+  var_dump(scandir($directory, $sorting_order, $context));
+} catch (ValueError $e) {
+    echo $e->getMessage();
+}
 delete_files($directory, 3);
 ?>
 --CLEAN--
@@ -49,15 +52,4 @@ array(5) {
 }
 
 -- scandir() with all arguments --
-array(5) {
-  [0]=>
-  string(9) "file3.tmp"
-  [1]=>
-  string(9) "file2.tmp"
-  [2]=>
-  string(9) "file1.tmp"
-  [3]=>
-  string(2) ".."
-  [4]=>
-  string(1) "."
-}
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
diff --git a/ext/standard/tests/dir/scandir_variation10.phpt b/ext/standard/tests/dir/scandir_variation10.phpt
index 35df3c3e7565e..37023c2027fe9 100644
--- a/ext/standard/tests/dir/scandir_variation10.phpt
+++ b/ext/standard/tests/dir/scandir_variation10.phpt
@@ -22,8 +22,12 @@ mkdir($dir);
 @create_files($dir, 2);
 
 // Deterministic tests.
-var_dump(scandir($dir, SCANDIR_SORT_ASCENDING));
-var_dump(scandir($dir, SCANDIR_SORT_DESCENDING));
+try {
+  var_dump(scandir($dir, SCANDIR_SORT_ASCENDING));
+  var_dump(scandir($dir, SCANDIR_SORT_DESCENDING));
+} catch (ValueError $e) {
+    echo $e->getMessage();
+}
 
 // Non-deterministic tests.
 $files = scandir($dir, SCANDIR_SORT_NONE);
@@ -55,17 +59,7 @@ array(4) {
   [3]=>
   string(9) "file2.tmp"
 }
-array(4) {
-  [0]=>
-  string(9) "file2.tmp"
-  [1]=>
-  string(9) "file1.tmp"
-  [2]=>
-  string(2) ".."
-  [3]=>
-  string(1) "."
-}
-int(4)
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONEint(4)
 bool(true)
 bool(true)
 bool(true)

From 08b58e034d9b7c397aff707757ee27d04906ecbc Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Wed, 11 Feb 2026 23:52:48 +0530
Subject: [PATCH 5/7] ext/standard: Validate scandir() sorting_order parameter

---
 .../dir/scandir_variation10-win32-mb.phpt     | 24 +++++++------------
 1 file changed, 9 insertions(+), 15 deletions(-)

diff --git a/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt b/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
index 69f55bc53b226..44f8720233872 100644
--- a/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
+++ b/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
@@ -3,7 +3,7 @@ Test scandir() function : usage variations - different sorting constants
 --SKIPIF--
 <?php
 if (substr(PHP_OS, 0, 3) != 'WIN') {
-  die("skip Valid only on Windows");
+ // die("skip Valid only on Windows");
 }
 ?>
 --FILE--
@@ -28,8 +28,12 @@ mkdir($dir);
 @create_files($dir, 2, "numeric", 0755, 1, "w", "私はガラスを食べられますfile");
 
 // Deterministic tests.
-var_dump(scandir($dir, SCANDIR_SORT_ASCENDING));
-var_dump(scandir($dir, SCANDIR_SORT_DESCENDING));
+try {
+  var_dump(scandir($dir, SCANDIR_SORT_ASCENDING));
+  var_dump(scandir($dir, SCANDIR_SORT_DESCENDING));
+} catch (ValueError $e) {
+    echo $e->getMessage();
+}
 
 // Non-deterministic tests.
 $files = scandir($dir, SCANDIR_SORT_NONE);
@@ -61,18 +65,8 @@ array(4) {
   [3]=>
   string(45) "私はガラスを食べられますfile2.tmp"
 }
-array(4) {
-  [0]=>
-  string(45) "私はガラスを食べられますfile2.tmp"
-  [1]=>
-  string(45) "私はガラスを食べられますfile1.tmp"
-  [2]=>
-  string(2) ".."
-  [3]=>
-  string(1) "."
-}
-int(4)
-bool(true)
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONEint(4)
 bool(true)
 bool(true)
 bool(true)
+bool(true)
\ No newline at end of file

From 0286ea076b90bcf097b6329bf07bc2388568b173 Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Wed, 11 Feb 2026 23:57:47 +0530
Subject: [PATCH 6/7] ext/standard: Validate scandir() sorting_order parameter

---
 .../tests/dir/scandir_basic-win32-mb.phpt     | 19 ++++++-------------
 .../dir/scandir_variation10-win32-mb.phpt     |  2 +-
 2 files changed, 7 insertions(+), 14 deletions(-)

diff --git a/ext/standard/tests/dir/scandir_basic-win32-mb.phpt b/ext/standard/tests/dir/scandir_basic-win32-mb.phpt
index 87e6e7e6dac86..c1b8b06b4bbc0 100644
--- a/ext/standard/tests/dir/scandir_basic-win32-mb.phpt
+++ b/ext/standard/tests/dir/scandir_basic-win32-mb.phpt
@@ -28,7 +28,11 @@ var_dump(scandir($directory));
 echo "\n-- scandir() with all arguments --\n";
 $sorting_order = SCANDIR_SORT_DESCENDING;
 $context = stream_context_create();
-var_dump(scandir($directory, $sorting_order, $context));
+try {
+  var_dump(scandir($directory, $sorting_order, $context));
+} catch (ValueError $e) {
+    echo $e->getMessage();
+}
 
 delete_files($directory, 3, "私はガラスを食べられますfile");
 ?>
@@ -55,15 +59,4 @@ array(5) {
 }
 
 -- scandir() with all arguments --
-array(5) {
-  [0]=>
-  string(45) "私はガラスを食べられますfile3.tmp"
-  [1]=>
-  string(45) "私はガラスを食べられますfile2.tmp"
-  [2]=>
-  string(45) "私はガラスを食べられますfile1.tmp"
-  [3]=>
-  string(2) ".."
-  [4]=>
-  string(1) "."
-}
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
diff --git a/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt b/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
index 44f8720233872..7dbea5bc8c1ba 100644
--- a/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
+++ b/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
@@ -3,7 +3,7 @@ Test scandir() function : usage variations - different sorting constants
 --SKIPIF--
 <?php
 if (substr(PHP_OS, 0, 3) != 'WIN') {
- // die("skip Valid only on Windows");
+  die("skip Valid only on Windows");
 }
 ?>
 --FILE--

From 90414b707bfea5d1993168a4bc3d7abb2701267d Mon Sep 17 00:00:00 2001
From: arshidkv12 <arshidkv12@gmail.com>
Date: Thu, 12 Feb 2026 07:17:06 +0530
Subject: [PATCH 7/7] ext/standard: Validate scandir() sorting_order parameter

---
 .../tests/dir/scandir_invalid_flag.phpt       |  2 +-
 .../dir/scandir_variation10-win32-mb.phpt     |  2 +-
 .../dir/scandir_variation9-win32-mb.phpt      | 26 +++++--------------
 .../tests/dir/scandir_variation9.phpt         |  2 +-
 4 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/ext/standard/tests/dir/scandir_invalid_flag.phpt b/ext/standard/tests/dir/scandir_invalid_flag.phpt
index d08aca20bed28..d53fdaa675e5b 100644
--- a/ext/standard/tests/dir/scandir_invalid_flag.phpt
+++ b/ext/standard/tests/dir/scandir_invalid_flag.phpt
@@ -36,4 +36,4 @@ OK
 scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
 scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
 scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
-scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
\ No newline at end of file
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
diff --git a/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt b/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
index 7dbea5bc8c1ba..4fd46b680c3f1 100644
--- a/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
+++ b/ext/standard/tests/dir/scandir_variation10-win32-mb.phpt
@@ -69,4 +69,4 @@ scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDIN
 bool(true)
 bool(true)
 bool(true)
-bool(true)
\ No newline at end of file
+bool(true)
diff --git a/ext/standard/tests/dir/scandir_variation9-win32-mb.phpt b/ext/standard/tests/dir/scandir_variation9-win32-mb.phpt
index 44d8b6daa5f9e..bc6a519c59f40 100644
--- a/ext/standard/tests/dir/scandir_variation9-win32-mb.phpt
+++ b/ext/standard/tests/dir/scandir_variation9-win32-mb.phpt
@@ -27,7 +27,11 @@ mkdir($dir);
 $ints = array (PHP_INT_MAX, -PHP_INT_MAX, 0);
 
 foreach($ints as $sorting_order) {
+  try {
     var_dump( scandir($dir, $sorting_order) );
+  } catch (ValueError $e) {
+    echo $e->getMessage() . PHP_EOL;
+  }
 }
 
 delete_files($dir, 2, "私はガラスを食べられますfile");
@@ -39,26 +43,8 @@ rmdir($dir);
 ?>
 --EXPECT--
 *** Testing scandir() : usage variations ***
-array(4) {
-  [0]=>
-  string(45) "私はガラスを食べられますfile2.tmp"
-  [1]=>
-  string(45) "私はガラスを食べられますfile1.tmp"
-  [2]=>
-  string(2) ".."
-  [3]=>
-  string(1) "."
-}
-array(4) {
-  [0]=>
-  string(45) "私はガラスを食べられますfile2.tmp"
-  [1]=>
-  string(45) "私はガラスを食べられますfile1.tmp"
-  [2]=>
-  string(2) ".."
-  [3]=>
-  string(1) "."
-}
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
+scandir(): Argument #2 ($sorting_order) must be one of PHP_SCANDIR_SORT_ASCENDING, or SCANDIR_SORT_NONE
 array(4) {
   [0]=>
   string(1) "."
diff --git a/ext/standard/tests/dir/scandir_variation9.phpt b/ext/standard/tests/dir/scandir_variation9.phpt
index 0df920680dd4c..1daaa5e2bdca4 100644
--- a/ext/standard/tests/dir/scandir_variation9.phpt
+++ b/ext/standard/tests/dir/scandir_variation9.phpt
@@ -48,4 +48,4 @@ array(4) {
   string(9) "file1.tmp"
   [3]=>
   string(9) "file2.tmp"
-}
\ No newline at end of file
+}