diff --git a/wolfcrypt/src/port/af_alg/wc_afalg.c b/wolfcrypt/src/port/af_alg/wc_afalg.c
index 5e0ad7e39..264e712b7 100644
--- a/wolfcrypt/src/port/af_alg/wc_afalg.c
+++ b/wolfcrypt/src/port/af_alg/wc_afalg.c
@@ -36,11 +36,20 @@
 /* Sets the type of socket address to use */
 void wc_Afalg_SockAddr(struct sockaddr_alg* in, const char* type, const char* name)
 {
+    int typeSz = (int)XSTRLEN(type) + 1; /* +1 for null terminator */
+    int nameSz = (int)XSTRLEN(name) + 1; /* +1 for null terminator */
+
+    if (typeSz > (int)sizeof(in->salg_type) ||
+		    nameSz > (int)sizeof(in->salg_name)) {
+        WOLFSSL_MSG("type or name was too large");
+        return;
+    }
+
     in->salg_family = AF_ALG;
-    XSTRNCPY((char*)in->salg_type, type, XSTRLEN(type));
-    in->salg_type[XSTRLEN(type)] = '\0';
-    XSTRNCPY((char*)in->salg_name, name, XSTRLEN(name));
-    in->salg_name[XSTRLEN(name)] = '\0';
+    XSTRNCPY((char*)in->salg_type, type, typeSz);
+    in->salg_type[typeSz - 1] = '\0';
+    XSTRNCPY((char*)in->salg_name, name, nameSz);
+    in->salg_name[nameSz - 1] = '\0';
 }
 
 
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index ff33c9c06..d14169a7d 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -603,13 +603,6 @@ struct WOLFSSL_X509_STORE {
 #define WOLFSSL_NO_WILDCARDS         0x2
 #define WOLFSSL_NO_PARTIAL_WILDCARDS 0x4
 
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
-    defined(WOLFSSL_WPAS_SMALL) || defined(WOLFSSL_IP_ALT_NAME)
-    #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */
-    #define WOLFSSL_IP4_ADDR_LEN 4
-    #define WOLFSSL_IP6_ADDR_LEN 16
-#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */
-
 #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
 #define WOLFSSL_USE_CHECK_TIME 0x2
 #define WOLFSSL_NO_CHECK_TIME  0x200000
@@ -621,6 +614,10 @@ struct WOLFSSL_X509_STORE {
 #define WOLFSSL_VPARAM_LOCKED           0x8
 #define WOLFSSL_VPARAM_ONCE             0x10
 
+#ifndef WOLFSSL_MAX_IPSTR
+    #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */
+#endif
+
 struct WOLFSSL_X509_VERIFY_PARAM {
     time_t         check_time;
     unsigned int   inherit_flags;
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index 0094e9191..68b5dbdff 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -1218,6 +1218,15 @@ enum CsrAttrType {
 #define WC_NS_OBJSIGN_CA      0x01
 
 
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
+    defined(WOLFSSL_WPAS_SMALL) || defined(WOLFSSL_IP_ALT_NAME)
+    #ifndef WOLFSSL_MAX_IPSTR
+        #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */
+    #endif
+    #define WOLFSSL_IP4_ADDR_LEN 4
+    #define WOLFSSL_IP6_ADDR_LEN 16
+#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */
+
 typedef struct DNS_entry   DNS_entry;
 
 struct DNS_entry {