From 0caed02db765a0d3e30dc4c6a2274835971f5d4b Mon Sep 17 00:00:00 2001
From: Radim Smat <rsmat@ra.rockwell.com>
Date: Fri, 5 Mar 2021 12:04:30 +0100
Subject: [PATCH 1/5] Fixed CID 576609.

---
 src/ssl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index 36acaaac2..dc97170c1 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -16113,7 +16113,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
         }
 
         if (len < 0) {
-            len = (int)XSTRLEN((const char*)buf);
+            /* The length of the string including terminating null. */
+            len = (int)XSTRLEN((const char*)buf) + 1;
         }
         bio->num = bio->wrSz = len;
         bio->ptr = (byte*)XMALLOC(len, 0, DYNAMIC_TYPE_OPENSSL);

From 8539e8c1706782725676d17c3994ce203620f1c8 Mon Sep 17 00:00:00 2001
From: Radim Smat <rsmat@ra.rockwell.com>
Date: Fri, 5 Mar 2021 12:10:40 +0100
Subject: [PATCH 2/5] Fixed CID 584000.

---
 src/ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index dc97170c1..a4ef05752 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -47482,7 +47482,7 @@ int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
         XFREE(asn1->data, NULL, DYNAMIC_TYPE_OPENSSL);
         asn1->isDynamic = 0;
     }
-    XMEMSET(asn1->intData, 0, sizeof(WOLFSSL_ASN1_INTEGER));
+    XMEMSET(asn1->intData, 0, sizeof(WOLFSSL_ASN1_INTEGER_MAX));
     asn1->data = asn1->intData;
     asn1->length = 0;
     asn1->negative = 0;

From 8588998234d9da01a718d96a9994d2efc904db80 Mon Sep 17 00:00:00 2001
From: Radim Smat <rsmat@ra.rockwell.com>
Date: Fri, 5 Mar 2021 12:22:59 +0100
Subject: [PATCH 3/5] Fixed CID 586797.

---
 src/ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index a4ef05752..3b6ad2cba 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -23792,7 +23792,7 @@ int wolfSSL_sk_CIPHER_description(WOLFSSL_CIPHER* cipher)
     strLen = (int)XSTRLEN(name);
 
     for (i = 0, j = 0, k = 0; i <= strLen; i++) {
-        if (k > MAX_SEGMENTS || j > MAX_SEGMENT_SZ)
+        if (k >= MAX_SEGMENTS || j >= MAX_SEGMENT_SZ)
             break;
 
         if (name[i] != '-' && name[i] != '\0') {

From f7fbd0fceb0ebcd6f340627f6eb5c5362369f8c9 Mon Sep 17 00:00:00 2001
From: Radim Smat <rsmat@ra.rockwell.com>
Date: Fri, 5 Mar 2021 13:35:27 +0100
Subject: [PATCH 4/5] Fixed CID 587287.

---
 src/ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index 3b6ad2cba..dcc89357d 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -9096,7 +9096,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
                         return rc;
                     }
                     if (sk->next)
-                        XSNPRINTF(val, len, "%*s%s, ", indent, "", str->strData);
+                        XSNPRINTF(val, len, "%*s%s,", indent, "", str->strData);
                     else
                         XSNPRINTF(val, len, "%*s%s", indent, "", str->strData);
 

From 9732f6e74b21e760845d03192943a407659bafd4 Mon Sep 17 00:00:00 2001
From: Radim Smat <rsmat@ra.rockwell.com>
Date: Fri, 5 Mar 2021 14:27:47 +0100
Subject: [PATCH 5/5] Fixed CID 587328.

---
 src/ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ssl.c b/src/ssl.c
index dcc89357d..2d8804905 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -45580,7 +45580,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
 #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
     int count = 0, len = 0, totalSz = 0, tmpSz = 0;
     char tmp[ASN_NAME_MAX+1];
-    char fullName[ASN_NAME_MAX];
+    char fullName[ASN_NAME_MAX+1];
     const char *buf = NULL;
     WOLFSSL_X509_NAME_ENTRY* ne;
     WOLFSSL_ASN1_STRING* str;