From 6f8bda0582087fa04666dd1e9f460fc72a3cc306 Mon Sep 17 00:00:00 2001
From: icy17 <1061499390@qq.com>
Date: Mon, 8 Apr 2024 14:49:17 +0800
Subject: [PATCH] Fix potential NULL pointer dereference before calling EVP_SignInit

Closes GH-13870.
---
 NEWS | 1 +
 ext/phar/util.c | 7 +++++++
 2 files changed, 8 insertions(+)
diff --git a/NEWS b/NEWS
index 87b5472d850..47b3f5efb3a 100644
--- a/NEWS
+++ b/NEWS
@@ -22,6 +22,7 @@ PHP NEWS
 filename causes a NULL pointer dereference). (nielsdos)
 . Fixed bug GH-13833 (Applying zero offset to null pointer in zend_hash.c). (nielsdos)
+ . Fix potential NULL pointer dereference before calling EVP_SignInit. (icy17)
 - PHPDBG:
 . Fixed bug GH-13827 (Null pointer access of type 'zval' in phpdbg_frame).
diff --git a/ext/phar/util.c b/ext/phar/util.c
index 003d579bb9a..352819bc934 100644
--- a/ext/phar/util.c
+++ b/ext/phar/util.c
@@ -1884,6 +1884,13 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 }
 md_ctx = EVP_MD_CTX_create();
+ if (md_ctx == NULL) {
+ EVP_PKEY_free(key);
+ if (error) {
+ spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname);
+ }
+ return FAILURE;
+ }
 siglen = EVP_PKEY_size(key);
 sigbuf = emalloc(siglen + 1);
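Review bot: The two context lines right after the new branch in ext/phar/util.c still use the result of `EVP_PKEY_size(key)` unchecked, so `sigbuf = emalloc(siglen + 1)` is sized from a value that OpenSSL documents as 0 when the size is unavailable. The commit guards the allocation failure of `md_ctx` but leaves this neighbouring OpenSSL return unvalidated on the same signing path. A guard between the two lines that releases `md_ctx` and `key` and returns FAILURE would close it, as sketched below. The declaration of `siglen` and the later writes into `sigbuf` are outside the hunk, so the cast and the practical impact should be confirmed against the full function. The new error text is also worth making distinct from any other "unable to initialize openssl signature" message in this function, so that an allocation failure can be told apart in logs.

```c
siglen = EVP_PKEY_size(key);
if ((int) siglen <= 0) {
	/* size unavailable: do not size the signature buffer from it */
	EVP_MD_CTX_destroy(md_ctx);
	EVP_PKEY_free(key);
	if (error) {
		spprintf(error, 0, "unable to determine openssl signature size for phar \"%s\"", phar->fname);
	}
	return FAILURE;
}
sigbuf = emalloc(siglen + 1);
```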