diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 25cc23893f..02aa0eb279 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -8522,6 +8522,12 @@ error:
 psa_status_t psa_crypto_copy_and_free(psa_crypto_buffer_copy_t *buffers)
 {
     if (buffers->output != NULL) {
+        if (buffers->output_original == NULL) {
+            /* Output is non-NULL but original output is NULL. The argument
+             * buffers is invalid. Return an error as we have no original to
+             * copy back to. */
+            return PSA_ERROR_INVALID_ARGUMENT;
+        }
         memcpy(buffers->output_original, buffers->output, buffers->output_len);
     }
 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d6b2942805..81ad333b67 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -7466,3 +7466,9 @@ psa_crypto_copy_and_free:1:0:0:20:0:PSA_SUCCESS
 
 PSA buffers copy and free, null output
 psa_crypto_copy_and_free:0:20:1:0:0:PSA_SUCCESS
+
+PSA buffers copy and free, null output_original
+psa_crypto_copy_and_free:0:20:0:20:1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA buffers copy and free, null output_original and null output
+psa_crypto_copy_and_free:0:20:1:0:1:PSA_SUCCESS