Commit 8204d4b5db7 for php.net

commit 8204d4b5db7f69c5f36fe1c9c7b3b1cd19be1332
Author: Jarne Clauw <67628242+JarneClauw@users.noreply.github.com>
Date:   Thu Jun 25 09:07:09 2026 +0200

    Fixing memory leak in openssl_pkcs12_read when zout initialisation fails (#21752)

    * Fixing memory leak

    * Simplified cleanup and adding test

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index cd16db03b8d..36d5a7ccb73 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2859,6 +2859,7 @@ PHP_FUNCTION(openssl_pkcs12_read)

 		zout = zend_try_array_init(zout);
 		if (!zout) {
+			sk_X509_pop_free(ca, X509_free);
 			goto cleanup;
 		}

diff --git a/ext/openssl/tests/openssl_pkcs12_read_array_init.phpt b/ext/openssl/tests/openssl_pkcs12_read_array_init.phpt
new file mode 100644
index 00000000000..b57cd32b686
--- /dev/null
+++ b/ext/openssl/tests/openssl_pkcs12_read_array_init.phpt
@@ -0,0 +1,23 @@
+--TEST--
+Memory leak when array initialization in openssl_pkcs12_read() fails
+--EXTENSIONS--
+openssl
+--FILE--
+<?php
+$pfx = __DIR__ . DIRECTORY_SEPARATOR . "bug74022.pfx";
+$cert_store = file_get_contents($pfx);
+
+class Typed {
+    public string $foo = "bar";
+}
+
+$typed = new Typed;
+
+try {
+    openssl_pkcs12_read($cert_store, $typed->foo, "csos");
+} catch (TypeError $e) {
+    echo $e::class, ": ", $e->getMessage(), "\n";
+}
+?>
+--EXPECT--
+TypeError: Cannot assign array to reference held by property Typed::$foo of type string