From 32ab4d27846eea38e9383e440c8c9410f3760c89 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 28 Jan 2024 20:57:15 +0000
Subject: Avoid calling EVP_CIPHER_CTX_reset() on a NULL ctx

---
 src/lib/libcrypto/cmac/cmac.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/cmac/cmac.c b/src/lib/libcrypto/cmac/cmac.c
index 29f5048897..42f630c149 100644
--- a/src/lib/libcrypto/cmac/cmac.c
+++ b/src/lib/libcrypto/cmac/cmac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cmac.c,v 1.19 2024/01/28 14:55:40 joshua Exp $ */
+/* $OpenBSD: cmac.c,v 1.20 2024/01/28 20:57:15 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -131,7 +131,8 @@ LCRYPTO_ALIAS(CMAC_CTX_new);
 void
 CMAC_CTX_cleanup(CMAC_CTX *ctx)
 {
-	EVP_CIPHER_CTX_reset(ctx->cipher_ctx);
+	if (ctx->cipher_ctx != NULL)
+		EVP_CIPHER_CTX_reset(ctx->cipher_ctx);
 	explicit_bzero(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
 	explicit_bzero(ctx->k1, EVP_MAX_BLOCK_LENGTH);
 	explicit_bzero(ctx->k2, EVP_MAX_BLOCK_LENGTH);
-- 
cgit v1.2.3-55-g6feb