From 5295b99b5606e3502b9af06a2cf54acf2187a34a Mon Sep 17 00:00:00 2001
From: Benjamin Kaduk <kaduk@mit.edu>
Date: Sun, 17 Jun 2018 20:00:02 -0500
Subject: [PATCH] ecdsa_ossl: address coverity nit

BN_CTX_end() does not handle NULL input, so we must manually check
before calling from the cleanup handler.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6502)
---
 crypto/ec/ecdsa_ossl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c
index 277ac16bdf..dfb0d192d9 100644
--- a/crypto/ec/ecdsa_ossl.c
+++ b/crypto/ec/ecdsa_ossl.c
@@ -336,7 +336,8 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
         ECDSA_SIG_free(ret);
         ret = NULL;
     }
-    BN_CTX_end(ctx);
+    if (ctx != NULL)
+        BN_CTX_end(ctx);
     BN_CTX_free(ctx);
     BN_clear_free(kinv);
     return ret;
-- 
2.34.1