From: Neil Horman <nhorman@openssl.org>
Date: Fri, 1 Sep 2023 16:13:19 +0000 (-0400)
Subject: Fix aes_gcm_siv dupctx function
X-Git-Tag: openssl-3.2.0-alpha2~92
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c32c3f2653e6c6ac42e09a83a2f51f8667827a04;p=thirdparty%2Fopenssl.git

Fix aes_gcm_siv dupctx function

This cipher family has a dupctx function, but was failing because it was
attempting to memdup a field only if it was null

Fix the conditional check to get it working again

Fixes #21887

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)
---

diff --git a/providers/implementations/ciphers/cipher_aes_gcm_siv.c b/providers/implementations/ciphers/cipher_aes_gcm_siv.c
index 64f7f95039b..2d4fd886583 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_siv.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm_siv.c
@@ -71,7 +71,7 @@ static void *ossl_aes_gcm_siv_dupctx(void *vctx)
     ret->aad = NULL;
     ret->ecb_ctx = NULL;
 
-    if (in->aad == NULL) {
+    if (in->aad != NULL) {
         if ((ret->aad = OPENSSL_memdup(in->aad, UP16(ret->aad_len))) == NULL)
             goto err;
     }