The handling of sig=NULL was broken in this function, but since it
is only used internally and was never called with sig=NULL, it is
better to return an error in that case.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23529)
BIGNUM *kinv = NULL, *r = NULL;
int ret = 0;
+ if (sig == NULL) {
+ ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+
*siglen = 0;
if (!ecdsa_sign_setup(eckey, NULL, &kinv, &r, dgst, dlen,
nonce_type, digestname, libctx, propq))
if (s == NULL)
goto end;
- *siglen = i2d_ECDSA_SIG(s, sig != NULL ? &sig : NULL);
+ *siglen = i2d_ECDSA_SIG(s, &sig);
ECDSA_SIG_free(s);
ret = 1;
end: