It was found that big locale string causes stack based overflow inside libicu.
Created mingw-icu tracking bugs for this issue:
Affects: fedora-all [bug 1377363]
Affects: epel-7 [bug 1377364]
Created icu tracking bugs for this issue:
Affects: fedora-all [bug 1377362]
If there is an upstream icu bug, it is still private. I have attempted to repro on rhel-7.2 based on variants of the PHP function, but no success so far.
PHP upstream crash report shows a stack overflow in Locale::Locale(char*). RHEL builds icu with -fstack-protector, which prevents traditional code execution vectors through stack smashing. I don't see any dangerous adjacent stack contents in that constructor, so the impact here is limited to a crash.
Upstream bug (ICU) (private as at 2016-11-04):