SLH_DSA: signing operation incorrectly returned 1 on failure.

Initially Reported by Zehua qiao

Fixes #30414

A block copy bug incorrectly set ret = 1 straight after assigning
ret.

Setting the *sig_len has been delayed to the err path in case
WPACKET_finish fails.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Wed Mar 18 07:21:32 2026
(Merged from https://github.com/openssl/openssl/pull/30438)

diff --git a/crypto/slh_dsa/slh_dsa.c b/crypto/slh_dsa/slh_dsa.c
index 77c20daceb34f87ba0bf7bcf6fa4c37798af9d96..36d0a615314d279970e1c752fc21a2656e0768f8 100644 (file)
--- a/crypto/slh_dsa/slh_dsa.c
+++ b/crypto/slh_dsa/slh_dsa.c
@@ -119,11 +119,11 @@ static int slh_sign_internal(SLH_DSA_HASH_CTX *hctx,
         /* Generate ht signature and append to the SLH-DSA signature */
         && ossl_slh_ht_sign(hctx, pk_fors, sk_seed, pk_seed, tree_id, leaf_id,
             wpkt);
-    *sig_len = sig_len_expected;
-    ret = 1;
 err:
     if (!WPACKET_finish(wpkt))
         ret = 0;
+    if (ret)
+        *sig_len = sig_len_expected;
     return ret;
 }