From ae7206eb3b0153d126e8d5241e4f8a5aaeb9101b Mon Sep 17 00:00:00 2001 From: Pieter Eendebak Date: Fri, 6 Mar 2026 23:24:20 +0100 Subject: [PATCH] [3.13] gh-145376: Fix crashes in md5module.c (GH-145422) (#145611) MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit * gh-145376: Fix crashes in md5module.c Fix a possible NULL pointer dereference in `md5module.c`. This can only occur in error paths taken when the interpreter fails to allocate memory. (cherry-picked from c1d77683213c400fca144692654845e6f5418981) * 📜🤖 Added by blurb_it. * Update Modules/md5module.c --------- Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com> --- .../Library/2026-03-06-20-17-45.gh-issue-145376.0F7HFq.rst | 1 + Modules/md5module.c | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 Misc/NEWS.d/next/Library/2026-03-06-20-17-45.gh-issue-145376.0F7HFq.rst diff --git a/Misc/NEWS.d/next/Library/2026-03-06-20-17-45.gh-issue-145376.0F7HFq.rst b/Misc/NEWS.d/next/Library/2026-03-06-20-17-45.gh-issue-145376.0F7HFq.rst new file mode 100644 index 000000000000..aeba8c01fcf6 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2026-03-06-20-17-45.gh-issue-145376.0F7HFq.rst @@ -0,0 +1 @@ +Fix null pointer dereference in unusual error scenario in :mod:`hashlib`. diff --git a/Modules/md5module.c b/Modules/md5module.c index 7d41f0a3a514..c56fa5fc13e3 100644 --- a/Modules/md5module.c +++ b/Modules/md5module.c @@ -84,7 +84,10 @@ MD5_traverse(PyObject *ptr, visitproc visit, void *arg) static void MD5_dealloc(MD5object *ptr) { - Hacl_Hash_MD5_free(ptr->hash_state); + if (ptr->hash_state != NULL) { + Hacl_Hash_MD5_free(ptr->hash_state); + ptr->hash_state = NULL; + } PyTypeObject *tp = Py_TYPE((PyObject*)ptr); PyObject_GC_UnTrack(ptr); PyObject_GC_Del(ptr); -- 2.47.3