diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index a830fc2a7..deb66174b 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -97,7 +97,7 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct
     size_t buflen = 0;
 
     /* Determine the maximum size of the SubjectAltName list */
-    for(cur = san_list; cur != NULL; cur = cur->next) {
+    for (cur = san_list; cur != NULL; cur = cur->next) {
         /* Calculate size of the required buffer */
         switch (cur->node.type) {
             case MBEDTLS_X509_SAN_DNS_NAME:
@@ -136,17 +136,23 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct
             case MBEDTLS_X509_SAN_DNS_NAME:
             case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER:
             case MBEDTLS_X509_SAN_IP_ADDRESS:
+            {
+                const unsigned char *unstructured_name =
+                    (const unsigned char *) cur->node.san.unstructured_name.p;
+                size_t unstructured_name_len = cur->node.san.unstructured_name.len;
+
                 MBEDTLS_ASN1_CHK_CLEANUP_ADD(len,
-                                             mbedtls_asn1_write_raw_buffer(&p, buf,
-                                                                           (const unsigned char *) cur->node.san.unstructured_name.p,
-                                                                           cur->node.san.unstructured_name.len));
-                MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, mbedtls_asn1_write_len(&p, buf,
-                                                                         cur->node.san.unstructured_name.len));
+                                             mbedtls_asn1_write_raw_buffer(
+                                                 &p, buf,
+                                                 unstructured_name, unstructured_name_len));
+                MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, mbedtls_asn1_write_len(
+                                                 &p, buf, unstructured_name_len));
                 MBEDTLS_ASN1_CHK_CLEANUP_ADD(len,
-                                             mbedtls_asn1_write_tag(&p, buf,
-                                                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC |
-                                                                    cur->node.type));
-                break;
+                                             mbedtls_asn1_write_tag(
+                                                 &p, buf,
+                                                 MBEDTLS_ASN1_CONTEXT_SPECIFIC | cur->node.type));
+            }
+            break;
             default:
                 /* Skip unsupported names. */
                 break;
@@ -170,7 +176,7 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct
 
     /* If we exceeded the allocated buffer it means that maximum size of the SubjectAltName list
      * was incorrectly calculated and memory is corrupted. */
-    if ( p < buf ) {
+    if (p < buf) {
         ret = MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
     }
 
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index 8baca81d8..2f7126b92 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -169,7 +169,6 @@ int main(int argc, char *argv[])
     mbedtls_ctr_drbg_context ctr_drbg;
     const char *pers = "csr example app";
     mbedtls_x509_san_list *cur, *prev;
-    uint8_t ip[4];
 
     /*
      * Set to sane values
@@ -220,6 +219,8 @@ usage:
             prev = NULL;
 
             while (q != NULL) {
+                uint8_t ip[4] = { 0 };
+
                 if ((r = strchr(q, ';')) != NULL) {
                     *r++ = '\0';
                 }