From 74ee3bac78ea35d11536d29c7fe3aefff6efbafc Mon Sep 17 00:00:00 2001
From: Giovanni Giacobbi <giovanni@giacobbi.net>
Date: Sun, 21 Dec 2025 12:17:50 +0100
Subject: [PATCH] Use EVP_MD_CTX_destroy() instead of EVP_MD_CTX_free() for
 compatibility and consistency

---
 ext/phar/util.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ext/phar/util.c b/ext/phar/util.c
index c69f830e62805..4b9ff1cb58ba4 100644
--- a/ext/phar/util.c
+++ b/ext/phar/util.c
@@ -1905,7 +1905,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 
 			if (!EVP_SignInit(md_ctx, mdtype)) {
 				EVP_PKEY_free(key);
-				EVP_MD_CTX_free(md_ctx);
+				EVP_MD_CTX_destroy(md_ctx);
 				efree(sigbuf);
 				if (error) {
 					spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname);
@@ -1916,7 +1916,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 			while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
 				if (!EVP_SignUpdate(md_ctx, buf, sig_len)) {
 					EVP_PKEY_free(key);
-					EVP_MD_CTX_free(md_ctx);
+					EVP_MD_CTX_destroy(md_ctx);
 					efree(sigbuf);
 					if (error) {
 						spprintf(error, 0, "unable to update the openssl signature for phar \"%s\"", phar->fname);
@@ -1927,7 +1927,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 
 			if (!EVP_SignFinal (md_ctx, sigbuf, &siglen, key)) {
 				EVP_PKEY_free(key);
-				EVP_MD_CTX_free(md_ctx);
+				EVP_MD_CTX_destroy(md_ctx);
 				efree(sigbuf);
 				if (error) {
 					spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname);
@@ -1937,7 +1937,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 
 			sigbuf[siglen] = '\0';
 			EVP_PKEY_free(key);
-			EVP_MD_CTX_free(md_ctx);
+			EVP_MD_CTX_destroy(md_ctx);
 #else
 			size_t siglen;
 			sigbuf = NULL;