if (!str_copy(conf, psection, &include, p))
goto err;
- if (include_dir != NULL) {
+ if (include_dir != NULL && !ossl_is_absolute_path(include)) {
size_t newlen = strlen(include_dir) + strlen(include) + 2;
include_path = OPENSSL_malloc(newlen);
+ if (include_path == NULL) {
+ CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(include);
+ goto err;
+ }
+
OPENSSL_strlcpy(include_path, include_dir, newlen);
- OPENSSL_strlcat(include_path, "/", newlen);
+ if (!ossl_ends_with_dirsep(include_path))
+ OPENSSL_strlcat(include_path, "/", newlen);
OPENSSL_strlcat(include_path, include, newlen);
OPENSSL_free(include);
} else {