Fix #18542: unserialize() respects class_alias for private properties

When a class with private properties is serialized, the property names
are mangled as \0ClassName\0propName. If the class is later aliased via
class_alias(), unserialize() fails to match the mangled class name
against the actual class entry, causing properties to be treated as
dynamic instead of declared.

This adds a fallback check in is_property_visibility_changed() that
uses zend_hash_str_find_ptr_lc() to look up the mangled class name in
EG(class_table) and verify it resolves to the same zend_class_entry.
This is only triggered when the direct name comparison fails, so there
is zero overhead on the normal (non-alias) path.

Closes GH-18542

Author: devhakan

ext/standard/tests/serialize/unserialize_class_alias_private_props.phpt

@@ -0,0 +1,57 @@
+--TEST--
+unserialize() respects class_alias for private properties
+--FILE--
+<?php
+
+// Test 1: Basic class_alias with private property
+class HelloAlias {
+    public function __construct(
+        private readonly int $answer = 0
+    ) {}
+
+    public function getAnswer(): int {
+        return $this->answer;
+    }
+}
+class_alias(HelloAlias::class, 'Hello');
+
+$serialized = 'O:5:"Hello":1:{s:13:"' . "\0Hello\0" . 'answer";i:42;}';
+$obj = unserialize($serialized);
+var_dump($obj instanceof HelloAlias);
+var_dump($obj->getAnswer());
+
+// Test 2: Protected property (should continue to work)
+class ProtoAlias {
+    public function __construct(
+        protected int $value = 0
+    ) {}
+    public function getValue(): int { return $this->value; }
+}
+class_alias(ProtoAlias::class, 'Proto');
+
+$serialized2 = 'O:5:"Proto":1:{s:8:"' . "\0*\0" . 'value";i:99;}';
+$obj2 = unserialize($serialized2);
+var_dump($obj2 instanceof ProtoAlias);
+var_dump($obj2->getValue());
+
+// Test 3: Public property (should continue to work)
+class PubAlias {
+    public int $data = 0;
+}
+class_alias(PubAlias::class, 'Pub');
+
+$serialized3 = 'O:3:"Pub":1:{s:4:"data";i:77;}';
+$obj3 = unserialize($serialized3);
+var_dump($obj3 instanceof PubAlias);
+var_dump($obj3->data);
+
+echo "Done\n";
+?>
+--EXPECT--
+bool(true)
+int(42)
+bool(true)
+int(99)
+bool(true)
+int(77)
+Done

ext/standard/var_unserializer.re

@@ -546,7 +546,8 @@ static int is_property_visibility_changed(zend_class_entry *ce, zval *key)
 			existing_propinfo = zend_hash_find_ptr(&ce->properties_info, Z_STR_P(key));
 		} else {
 			if (!strcmp(unmangled_class, "*")
-			 || !strcasecmp(unmangled_class, ZSTR_VAL(ce->name))) {
+			 || !strcasecmp(unmangled_class, ZSTR_VAL(ce->name))
+			 || zend_hash_str_find_ptr_lc(EG(class_table), unmangled_class, strlen(unmangled_class)) == ce) {
 				existing_propinfo = zend_hash_str_find_ptr(
 					&ce->properties_info, unmangled_prop, unmangled_prop_len);
 			}