diff --git a/src/ssl.c b/src/ssl.c index 33559f7f3..e23abee1c 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -39658,24 +39658,24 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, if (len == 0 || buf == NULL) return WOLFSSL_FAILURE; - tmpSz = str->length + len + 2; /* + 2 for '=' and null char */ + tmpSz = str->length + len + 2; /* + 2 for '=' and comma */ if (tmpSz > ASN_NAME_MAX) { WOLFSSL_MSG("Size greater than ASN_NAME_MAX"); return WOLFSSL_FAILURE; } if (i < count - 1) { + /* tmpSz+1 for last null char */ XSNPRINTF(tmp, tmpSz+1, "%s=%s,", buf, str->data); XSTRNCAT(fullName, tmp, tmpSz); } else { XSNPRINTF(tmp, tmpSz, "%s=%s", buf, str->data); XSTRNCAT(fullName, tmp, tmpSz-1); + tmpSz--; /* Don't include null char in tmpSz */ } totalSz += tmpSz; } - if (totalSz > 0 && fullName[totalSz-1] == '\0') - totalSz--; if (wolfSSL_BIO_write(bio, fullName, totalSz) != totalSz) return WOLFSSL_FAILURE; return WOLFSSL_SUCCESS; diff --git a/tests/api.c b/tests/api.c index ddfc2df0f..ad21169ec 100644 --- a/tests/api.c +++ b/tests/api.c @@ -4351,6 +4351,7 @@ static void test_wolfSSL_X509_NAME_get_entry(void) ASN1_STRING* asn; int idx; ASN1_OBJECT *object = NULL; + BIO* bio; #ifndef NO_FILESYSTEM x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM); @@ -4373,6 +4374,11 @@ static void test_wolfSSL_X509_NAME_get_entry(void) idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1); AssertIntGE(idx, 0); + AssertNotNull(bio = BIO_new(BIO_s_mem())); + AssertIntEQ(X509_NAME_print_ex(bio, name, 4, + (XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)), WOLFSSL_SUCCESS); + BIO_free(bio); + ne = X509_NAME_get_entry(name, idx); AssertNotNull(ne); AssertNotNull(object = X509_NAME_ENTRY_get_object(ne));