Description:
------------
Versions: 5.2, 5.3, 5.4, also confirmed on latest git master (78acb84b6e8fc07974283ce30c24596444d18cf7)

PHP will crash with a Segmentation Fault after imap_reopen() fails with the error message "imap_reopen(): Couldn't re-open stream ..."

When the UW-IMAP function 'mail_open' returns NIL after having been passed a valid MAILSTREAM pointer, this means UW-IMAP closed and freed the MAILSTREAM.  However, PHP ignores this and returns FALSE without zeroing out imap_le_struct->imap_stream and calling zend_list_delete on the resource.

Because the resource was not freed, mail_close_it (the resource destructor) gets called on an invalid pointer during request shutdown.  If you're lucky, this crashes PHP with a Segmentation Fault.  (If you're unlucky, you've got a corrupt PHP interpreter handling new requests...)


Test script:
---------------
<?php

/* This should succeed */
$imap = imap_open("INBOX", "", "");

echo "imap_open returned: ";
var_dump($imap);

/* This should fail */
$reopen = imap_reopen($imap, "{this*connection*will*fail}");

echo "imap_reopen returned: ";
var_dump($reopen);
flush();

/* Brace yourself for a segfault. UW-IMAP freed the MAILSTREAM structure,
 * but PHP did not null out the pointer or free the resource.  When the
 * script exits, it will call the resource destructor (mail_close_it)
 * on a pointer that was already freed.
 */

?>


Expected result:
----------------
No crash.

Actual result:
--------------
$ /tmp/z/bin/php -v
PHP 5.6.0-dev (cli) (built: Mar 20 2013 12:13:31) 
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.6.0-dev, Copyright (c) 1998-2013 Zend Technologies


$ /tmp/z/bin/php imap-crash.php 
imap_open returned: resource(4) of type (imap)

Warning: imap_reopen(): Couldn't re-open stream in /tmp/imap-crash.php on line 10
imap_reopen returned: bool(false)
Segmentation fault (core dumped)