From afa22d1eec788d5e1a98d672dfb27f41ef466989 Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+ndossche@users.noreply.github.com>
Date: Thu, 22 Jan 2026 22:16:02 +0100
Subject: [PATCH] Fix crash when in openssl_x509_parse() when
 i2s_ASN1_INTEGER() fails

The X509_NAME_oneline() function can return NULL,
which will cause a crash when the string length is computed via add_assoc_string().
---
 ext/openssl/openssl.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index e514ebeeaba59..01f7e73db5764 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2166,6 +2166,12 @@ PHP_FUNCTION(openssl_x509_parse)
 	}
 
 	str_serial = i2s_ASN1_INTEGER(NULL, asn1_serial);
+	/* Can return NULL on error or memory allocation failure */
+	if (!str_serial) {
+		php_openssl_store_errors();
+		goto err;
+	}
+
 	add_assoc_string(return_value, "serialNumber", str_serial);
 	OPENSSL_free(str_serial);