2 files changed, 18 insertions, 2 deletions

diff --git a/ext/intl/idn/idn.c b/ext/intl/idn/idn.c
index 99c7bd7331..fd05600731 100644
--- a/ext/intl/idn/idn.c
+++ b/ext/intl/idn/idn.c
@@ -138,7 +138,7 @@ static void php_intl_idn_to_46(INTERNAL_FUNCTION_PARAMETERS,
 	UErrorCode	  status = U_ZERO_ERROR;
 	UIDNA		  *uts46;
 	int32_t		  len;
-	int32_t		  buffer_capac = 255; /* no domain name may exceed this */
+	int32_t		  buffer_capac = 252*4; /* no domain name may exceed this */
 	zend_string	  *buffer = zend_string_alloc(buffer_capac, 0);
 	UIDNAInfo	  info = UIDNA_INFO_INITIALIZER;
 	int			  buffer_used = 0;
@@ -156,7 +156,7 @@ static void php_intl_idn_to_46(INTERNAL_FUNCTION_PARAMETERS,
 		len = uidna_nameToUnicodeUTF8(uts46, ZSTR_VAL(domain), ZSTR_LEN(domain),
 				ZSTR_VAL(buffer), buffer_capac, &info, &status);
 	}
-	if (len >= 255 || php_intl_idn_check_status(status, "failed to convert name") == FAILURE) {
+	if (len >= 252*4 || php_intl_idn_check_status(status, "failed to convert name") == FAILURE) {
 		uidna_close(uts46);
 		zend_string_efree(buffer);
 		RETURN_FALSE;
diff --git a/ext/intl/tests/idn_bug76829.phpt b/ext/intl/tests/idn_bug76829.phpt
new file mode 100644
index 0000000000..a751c61d71
--- /dev/null
+++ b/ext/intl/tests/idn_bug76829.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Bug #76829 Incorrect validation of domain on idn_to_utf8() function
+--SKIPIF--
+<?php if( !extension_loaded( 'intl' ) ) print 'skip'; ?>
+--FILE--
+<?php
+
+$punycode = idn_to_ascii('абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаеж.рф', IDNA_DEFAULT, INTL_IDNA_VARIANT_UTS46);
+
+$unicode = idn_to_utf8($punycode, IDNA_DEFAULT, INTL_IDNA_VARIANT_UTS46);
+
+var_dump($unicode);
+
+?>
+--EXPECT--
+string(294) "абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаежзи.абвгдаеж.рф"