From 26d1c43821c0a4d5cc3edbae15ae5f9848f06409 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 20 Feb 2024 11:26:55 +0000
Subject: [PATCH] Check output allocated before randomising

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 319ad83128..994f9a950d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5332,7 +5332,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
                                             output_length);
 
 exit:
-    if (status != PSA_SUCCESS) {
+    if (status != PSA_SUCCESS && output != NULL) {
         /* If an error happens and is not handled properly, the output
          * may be used as a key to protect sensitive data. Arrange for such
          * a key to be random, which is likely to result in decryption or