From c32c3f2653e6c6ac42e09a83a2f51f8667827a04 Mon Sep 17 00:00:00 2001
From: Neil Horman <nhorman@openssl.org>
Date: Fri, 1 Sep 2023 12:13:19 -0400
Subject: [PATCH] Fix aes_gcm_siv dupctx function

This cipher family has a dupctx function, but was failing because it was
attempting to memdup a field only if it was null

Fix the conditional check to get it working again

Fixes #21887

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21933)
---
 providers/implementations/ciphers/cipher_aes_gcm_siv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/providers/implementations/ciphers/cipher_aes_gcm_siv.c b/providers/implementations/ciphers/cipher_aes_gcm_siv.c
index 64f7f95039b..2d4fd886583 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_siv.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm_siv.c
@@ -71,7 +71,7 @@ static void *ossl_aes_gcm_siv_dupctx(void *vctx)
     ret->aad = NULL;
     ret->ecb_ctx = NULL;
 
-    if (in->aad == NULL) {
+    if (in->aad != NULL) {
         if ((ret->aad = OPENSSL_memdup(in->aad, UP16(ret->aad_len))) == NULL)
             goto err;
     }
-- 
2.47.2