From 650b142c2e4c1d57868bdbbe1f7f4549ee77f8eb Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 21 Apr 2022 17:07:40 +0200
Subject: [PATCH] siphash: Fail finalization on uninitialized siphash context

Fixes #18140

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18142)
---
 crypto/siphash/siphash.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/siphash/siphash.c b/crypto/siphash/siphash.c
index 7584255709d..bb4c3925af9 100644
--- a/crypto/siphash/siphash.c
+++ b/crypto/siphash/siphash.c
@@ -204,7 +204,7 @@ int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen)
     uint64_t v2 = ctx->v2;
     uint64_t v3 = ctx->v3;
 
-    if (outlen != (size_t)ctx->hash_size)
+    if (ctx->crounds == 0 || outlen == 0 || outlen != (size_t)ctx->hash_size)
         return 0;
 
     switch (ctx->len) {
-- 
2.47.2