From 888063e66d7d4fbbb7ce52ec626a6200a4d219f5 Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Tue, 3 Jun 2025 21:19:15 +0200
Subject: [PATCH] Fix memory leak of X509_STORE in php_openssl_setup_verify() on failure
---
 ext/openssl/openssl.c | 1 +
 ext/openssl/tests/memory_leak_x509_store.phpt | 22 +++++++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 ext/openssl/tests/memory_leak_x509_store.phpt
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index c978859b7ec00..718f946ad176d 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2421,6 +2421,7 @@ static X509_STORE *php_openssl_setup_verify(zval *calist, uint32_t arg_num)
 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(calist), item) {
 zend_string *str = zval_try_get_string(item);
 if (UNEXPECTED(!str)) {
+ X509_STORE_free(store);
 return NULL;
 }
diff --git a/ext/openssl/tests/memory_leak_x509_store.phpt b/ext/openssl/tests/memory_leak_x509_store.phpt
new file mode 100644
index 0000000000000..bc9b113602a33
--- /dev/null
+++ b/ext/openssl/tests/memory_leak_x509_store.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Memory leak of X509_STORE in php_openssl_setup_verify() on failure
+--EXTENSIONS--
+openssl
+--FILE--
+getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+stop
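Review bot: The added `X509_STORE_free(store);` in the `ext/openssl/openssl.c` hunk covers only the `!str` exit inside the `ZEND_HASH_FOREACH_VAL` loop, and nothing on the page shows whether other error exits release the store. The body of `php_openssl_setup_verify()` starts and ends outside the hunk, so any other early return taken after the store is allocated should be checked for the same leak. The elements of `calist` are supplied by the caller and a failed string conversion is enough to reach this path, so an unfreed store could presumably accumulate in a long-lived process. A comment at the allocation, such as `/* store is owned by this function until it is returned; every error exit must X509_STORE_free() it */`, would keep the ownership rule visible to later edits.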
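Review bot: The `--EXPECT--` section of the new `memory_leak_x509_store.phpt` checks only for the `stop` message, which appears to be printed whether or not the store is freed. Part of the `--FILE--` body is not visible on this page, so this is inferred, but the regression is presumably only caught when the suite runs under a leak checker. Stating that in the test, for example with a `--DESCRIPTION--` section reading `Only fails without the fix when run under a leak checker (sanitizer or valgrind).`, would make the dependency explicit for maintainers.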