From e19deac4e414ec4388dab2fcfc8f0d61fc37c4fd Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Tue, 29 Mar 2022 11:48:40 +0200
Subject: [PATCH] Fix #81714: segfault when serializing finalized HashContext

We must not allow to serialize already finalized `HashContext`s, since
the internal context is already freed.  Since there is not much point
in serializing finalized `HashContext`s, we just bail out in that case.
---
 ext/hash/hash.c              |  3 +++
 ext/hash/tests/bug81714.phpt | 14 ++++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 ext/hash/tests/bug81714.phpt

diff --git a/ext/hash/hash.c b/ext/hash/hash.c
index 4e3820f35e6b4..a1ce4ffd17063 100644
--- a/ext/hash/hash.c
+++ b/ext/hash/hash.c
@@ -227,6 +227,9 @@ PHP_HASH_API int php_hash_serialize_spec(const php_hashcontext_object *hash, zva
 	size_t pos = 0, max_alignment = 1;
 	unsigned char *buf = (unsigned char *) hash->context;
 	zval tmp;
+	if (buf == NULL) {
+		return FAILURE;
+	}
 	array_init(zv);
 	while (*spec != '\0' && *spec != '.') {
 		char spec_ch = *spec;
diff --git a/ext/hash/tests/bug81714.phpt b/ext/hash/tests/bug81714.phpt
new file mode 100644
index 0000000000000..a151bda6884e1
--- /dev/null
+++ b/ext/hash/tests/bug81714.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Bug #81714 (segfault when serializing finalized HashContext)
+--FILE--
+<?php
+$h = hash_init('md5');
+hash_final($h);
+try {
+    serialize($h);
+} catch (Exception $ex) {
+    var_dump($ex->getMessage());
+}
+?>
+--EXPECTF--
+string(52) "HashContext for algorithm "md5" cannot be serialized"