Do not attempt to wipe output buffer if it is NULL

If the output buffer is NULL, it either: * Does not need wiping because it is zero-length. * Has failed allocation of a copy. * Has not yet been written to as a copy hasn't been allocated. In any of these circumstances, we should not try to write the buffer, so perform a NULL check before wiping it. Signed-off-by: David Horstmann <david.horstmann@arm.com>
2025-03-15 19:20:55 +00:00 · 2024-03-11 17:02:03 +00:00 · 2024-03-11 17:02:03 +00:00 · c5064c83a1
commit c5064c83a1
parent 5ba3f5f7a5
1 changed files with 4 additions and 2 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -3658,8 +3658,10 @@ psa_status_t psa_sign_hash_complete(

 exit:

-    psa_wipe_tag_output_buffer(signature, status, signature_size,
-                               *signature_length);
+    if (signature != NULL) {
+        psa_wipe_tag_output_buffer(signature, status, signature_size,
+                                   *signature_length);
+    }

    if (status != PSA_OPERATION_INCOMPLETE) {
        if (status != PSA_SUCCESS) {