From d997e7ad9a1462d6241d3e817b2c467e2c554a0c Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 20 Feb 2024 11:24:07 +0000
Subject: [PATCH] Check output allocated before randomising

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b78e8696bb..df43593934 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -7429,7 +7429,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
                                             output_length);
 
 exit:
-    if (status != PSA_SUCCESS) {
+    if (status != PSA_SUCCESS && output != NULL) {
         /* If an error happens and is not handled properly, the output
          * may be used as a key to protect sensitive data. Arrange for such
          * a key to be random, which is likely to result in decryption or