I think this pattern is also present in SHA-* and other modules as it's essentially C/C a b it everywhere.

Not sure what C/C a b is, but the pattern is indeed the same. E.g.

There thehash_state is also set to NULL, not sure why that is.

C/C a b is

it was meant to be a "C/C a bit" and I used C/C for "carbon copy" (which is essentially to mean "copy-paste" for me)

There the hash_state is also set to NULL, not sure why that is.

Likely to prevent a double-free (I don't know if it was me or tiran/gpshead who added this)

Actually it was me in261633b. I just forgot about the MD5 one I think.

1. Please add a small NEWS entry.
2. If you find other issues in MD5, you can include them here as well. Same for SHA-*, BLAKE2 and HMAC.

Oh and please also put the state to NULL just to prevent a possible double-free