From 1702375939a1fa59b6902dbe2aff94d2e58d6dfa Mon Sep 17 00:00:00 2001 From: Aidan Keefe Date: Thu, 28 May 2026 12:16:59 -0600 Subject: [PATCH] F-3312 added condition to handle empty string as null ptr explicitly and initialized function variable to avoid possible future UB. And fix formatting --- src/x509/clu_x509_sign.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/x509/clu_x509_sign.c b/src/x509/clu_x509_sign.c index 0145416e..34b51ef3 100644 --- a/src/x509/clu_x509_sign.c +++ b/src/x509/clu_x509_sign.c @@ -3,7 +3,6 @@ * Copyright (C) 2006-2025 wolfSSL Inc. * * This file is part of wolfSSL. - * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or @@ -1061,7 +1060,7 @@ int wolfCLU_CertSignSetOut(WOLFCLU_CERT_SIGN* csign, char* out) int wolfCLU_CertSignAppendOut(WOLFCLU_CERT_SIGN* csign, char* out) { int ret = WOLFCLU_SUCCESS; - int outSz; + int outSz = 0; char* s = NULL; if (csign == NULL) { @@ -1071,6 +1070,13 @@ int wolfCLU_CertSignAppendOut(WOLFCLU_CERT_SIGN* csign, char* out) if (ret == WOLFCLU_SUCCESS && out != NULL) { outSz = (int)XSTRLEN(out); } + /* case where outDir is set to an empty string we want to treat it as + * a null pointer in the rest of the function logic so free it + * then set it to a null ptr.*/ + if (ret == WOLFCLU_SUCCESS && csign->outDir != NULL + && csign->outDir[0] == '\0') { + ret = wolfCLU_CertSignSetOut(csign, NULL); + } /* case 1 where no dir is set and just using 'out' */ if (ret == WOLFCLU_SUCCESS && csign->outDir == NULL && out != NULL) {