EVP_DigestSignFinal: *siglen should not be read if sigret == NULL

This fixes small regression from #16962.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17460)

diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index e034189bb56a679d66abcf244850c9a05826aa26..0993de0937722cb520b8b4588bdc63566beb3faa 100644 (file)
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -480,14 +480,14 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
     if (sigret == NULL || (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0)
         return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,
                                                          sigret, siglen,
-                                                         (siglen == NULL) ? 0 : *siglen);
+                                                         sigret == NULL ? 0 : *siglen);
     dctx = EVP_PKEY_CTX_dup(pctx);
     if (dctx == NULL)
         return 0;
 
     r = dctx->op.sig.signature->digest_sign_final(dctx->op.sig.algctx,
                                                   sigret, siglen,
-                                                  (siglen == NULL) ? 0 : *siglen);
+                                                  *siglen);
     EVP_PKEY_CTX_free(dctx);
     return r;