Merge branch 'PHP-8.5'

* PHP-8.5:
  Fix regression with header removal removing whole prefixes (#21020)

Author: NattyNarwhal

ext/standard/tests/general_functions/gh21018.phpt

@@ -0,0 +1,21 @@
+--TEST--
+GH-21018 (header() removes headers with the same prefix)
+--INI--
+expose_php=On
+--CGI--
+--FILE--
+<?php
+header('a: 1');
+header('a-test: 1');
+header('a: 1');
+var_dump(headers_list());
+?>
+--EXPECTF--
+array(3) {
+  [0]=>
+  string(%d) "X-Powered-By: PHP/%s"
+  [1]=>
+  string(9) "a-test: 1"
+  [2]=>
+  string(4) "a: 1"
+}

main/SAPI.c

@@ -601,7 +601,7 @@ static void sapi_update_response_code(int ncode)
  * since zend_llist_del_element only removes one matched item once,
  * we should remove them manually
  */
-static void sapi_remove_header(zend_llist *l, char *name, size_t len, size_t header_len)
+static void sapi_remove_header(zend_llist *l, char *name, size_t len, size_t prefix_len)
 {
 	sapi_header_struct *header;
 	zend_llist_element *next;
@@ -610,8 +610,13 @@ static void sapi_remove_header(zend_llist *l, char *name, size_t len, size_t hea
 	while (current) {
 		header = (sapi_header_struct *)(current->data);
 		next = current->next;
-		if (header->header_len > header_len
-				&& (header->header[header_len] == ':' || len > header_len)
+		/*
+		 * prefix_len is set for DELETE_PREFIX (used for deleting i.e.
+		 * "Set-Cookie: PHPSESSID=", where we need more than just key)
+		 * look for the : otherwise
+		 */
+		if (header->header_len > len
+				&& (header->header[len] == ':' || (prefix_len && len > prefix_len))
 				&& !strncasecmp(header->header, name, len)) {
 			if (current->prev) {
 				current->prev->next = next;