From: Daniel Salzman <daniel.salzman@nic.cz>
Date: Tue, 3 Jun 2025 13:45:13 +0000 (+0200)
Subject: tls: avoid passing NULL to strlen() when generating a certificate
X-Git-Tag: v3.5.0~64
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4c9feb2572fba13588e9d8d4978c06c82c276c4c;p=thirdparty%2Fknot-dns.git

tls: avoid passing NULL to strlen() when generating a certificate
---

diff --git a/src/libknot/quic/tls_common.c b/src/libknot/quic/tls_common.c
index 31b37f7164..5df73b8b3a 100644
--- a/src/libknot/quic/tls_common.c
+++ b/src/libknot/quic/tls_common.c
@@ -127,12 +127,12 @@ static int self_signed_cert(gnutls_certificate_credentials_t tls_cert,
 	gnutls_datum_t san_der = { 0 };
 
 	gnutls_datum_t hostname = {
-		.data = (unsigned char *)sockaddr_hostname(),
-		.size = strlen((char *)hostname.data)
+		.data = (unsigned char *)sockaddr_hostname()
 	};
 	if (hostname.data == NULL) {
 		return GNUTLS_E_MEMORY_ERROR;
 	}
+	hostname.size = strlen((char *)hostname.data);
 
 	int ret;
 	uint8_t serial[16];