From ec95cc94890d77cb320549e61b5d413a40e04195 Mon Sep 17 00:00:00 2001
From: Paul Elliott <paul.elliott@arm.com>
Date: Sun, 19 Sep 2021 22:33:09 +0100
Subject: [PATCH] Add safety for NULL tag being passed to finish

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
---
 library/psa_crypto.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b5efc2de0..664b8aecc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3760,10 +3760,13 @@ exit:
      * Even if the operation succeeds, make sure we clear the rest of the
      * buffer to prevent potential leakage of anything previously placed in
      * the same buffer.*/
-    if( status != PSA_SUCCESS )
-        memset( tag, '!', tag_size );
-    else if( *tag_length < tag_size )
-        memset( tag + *tag_length, '!', ( tag_size - *tag_length ) );
+    if( tag )
+    {
+        if( status != PSA_SUCCESS )
+            memset( tag, '!', tag_size );
+        else if( *tag_length < tag_size )
+            memset( tag + *tag_length, '!', ( tag_size - *tag_length ) );
+    }
 
     psa_aead_abort( operation );