diff --git a/ylong_http/src/h2/encoder.rs b/ylong_http/src/h2/encoder.rs
index b6fde060ecfd4409d494fddb837bc7227fc938af..a9257aab83108d2452ffaec3d7866ee8588c8ff2 100644
--- a/ylong_http/src/h2/encoder.rs
+++ b/ylong_http/src/h2/encoder.rs
@@ -1308,7 +1308,7 @@ mod ut_frame_encoder {
         assert_eq!(third_encoded, 6);
 
         // Validate the encoded settings
-        let mut expected_encoded_settings = vec![0u8; 60];
+        let mut expected_encoded_settings = [0u8; 60];
         for (i, setting) in settings_payload.iter().enumerate() {
             let offset = i * 6;
             let (id, value) = match setting {
@@ -1628,7 +1628,7 @@ mod ut_frame_encoder {
         assert_eq!(second_encoded, 13);
 
         // Validate the encoded GOAWAY frame.
-        let mut expected_encoded_goaway = vec![0u8; 13];
+        let mut expected_encoded_goaway = [0u8; 13];
         expected_encoded_goaway[0..4].copy_from_slice(&(last_stream_id as u32).to_be_bytes());
         expected_encoded_goaway[4..8].copy_from_slice(&(error_code).to_be_bytes());
 
diff --git a/ylong_http/src/headers.rs b/ylong_http/src/headers.rs
index ef7ee58f2c4bb6000fb034dd39374fd75090b6ec..1a4b71d0a96e8f4535bcd5c117dade1d8cf0549e 100644
--- a/ylong_http/src/headers.rs
+++ b/ylong_http/src/headers.rs
@@ -1074,7 +1074,7 @@ mod ut_headers {
     fn ut_header_value_iter() {
         let mut value = HeaderValue::from_bytes(b"text/html").unwrap();
         value.append_bytes(b"application/xml").unwrap();
-        let value_to_compare = vec!["text/html", "application/xml"];
+        let value_to_compare = ["text/html", "application/xml"];
 
         for (index, sub_value) in value.iter().enumerate() {
             assert_eq!(sub_value, value_to_compare[index].as_bytes());
diff --git a/ylong_http/src/request/uri.rs b/ylong_http/src/request/uri.rs
index 359b07d7d030e916adf1a3d1e48693ca75801057..a47cfccfc28d968e591713ba641050eff299a19d 100644
--- a/ylong_http/src/request/uri.rs
+++ b/ylong_http/src/request/uri.rs
@@ -1348,7 +1348,7 @@ mod ut_uri {
         );
 
         uri_test_case!(
-            br#"https://www.example.com:80/message/email?name='\^'"#,
+            br"https://www.example.com:80/message/email?name='\^'",
             Err(HttpError::from(ErrorKind::Uri(InvalidUri::InvalidByte))),
         );
 
diff --git a/ylong_http_client/src/sync_impl/conn/http1.rs b/ylong_http_client/src/sync_impl/conn/http1.rs
index 8cfaa924055165533d62880c19803dd561b9a60b..bfa41f7fcda02340131779d52a26b166d046ba8b 100644
--- a/ylong_http_client/src/sync_impl/conn/http1.rs
+++ b/ylong_http_client/src/sync_impl/conn/http1.rs
@@ -100,13 +100,13 @@ where
         let chunked = part
             .headers
             .get("Transfer-Encoding")
-            .map(|v| v.to_str().unwrap_or(String::new()))
+            .map(|v| v.to_str().unwrap_or_default())
             .and_then(|s| s.find("chunked"))
             .is_some();
         let content_length = part
             .headers
             .get("Content-Length")
-            .map(|v| v.to_str().unwrap_or(String::new()))
+            .map(|v| v.to_str().unwrap_or_default())
             .and_then(|s| s.parse::<usize>().ok());
 
         let is_trailer = part.headers.get("Trailer").is_some();
diff --git a/ylong_http_client/src/util/c_openssl/adapter.rs b/ylong_http_client/src/util/c_openssl/adapter.rs
index 6914a0365181ae62d358dd0c54147fa71cf479a2..e4d67081ed640d6d6751f70ced3265bc6a45944a 100644
--- a/ylong_http_client/src/util/c_openssl/adapter.rs
+++ b/ylong_http_client/src/util/c_openssl/adapter.rs
@@ -612,6 +612,9 @@ impl Certificate {
 
 #[cfg(test)]
 mod ut_openssl_adapter {
+    use std::io::{Read, Write};
+    use std::net::TcpStream;
+
     use crate::util::{Cert, TlsConfigBuilder, TlsFileType, TlsVersion};
     use crate::{AlpnProtocol, AlpnProtocolList, Certificate};
 
@@ -780,6 +783,43 @@ mod ut_openssl_adapter {
             .into_inner();
     }
 
+    /// UT test cases for `TlsConfig::ssl` and `SslRef::set_verify_hostname`.
+    ///
+    /// # Brief
+    /// 1. Creates a `TlsConfig` by calling `TlsConfigBuilder::new` and
+    ///    `TlsConfigBuilder::build`.
+    /// 2. Sets hostname "" and verify_hostname.
+    /// 3. Creates a `Ssl` by calling `TlsConfig::ssl_new` then creates a
+    ///    `SslStream`.
+    /// 4. Calls `write` and `read` by `SslStream`.
+    /// 5. Checks if retures the segmentation fault `invalid memory reference`.
+    #[cfg(feature = "sync")]
+    #[test]
+    fn ut_tls_ssl_verify_hostname() {
+        let config = TlsConfigBuilder::new()
+            .sni(false)
+            .danger_accept_invalid_hostnames(false)
+            .build()
+            .expect("TlsConfig build error.");
+
+        let domain = String::from("");
+        let ssl = config
+            .ssl_new(domain.as_str())
+            .expect("Ssl build error.")
+            .into_inner();
+        let stream = TcpStream::connect("huawei.com:443").expect("Tcp stream error.");
+        let mut tls_stream = ssl.connect(stream).expect("Tls stream error.");
+
+        tls_stream
+            .write_all(b"GET / HTTP/1.0\r\n\r\n")
+            .expect("Stream write error.");
+        let mut res = vec![];
+        tls_stream
+            .read_to_end(&mut res)
+            .expect("Stream read error.");
+        println!("{}", String::from_utf8_lossy(&res));
+    }
+
     /// UT test cases for `Cert::from_pem`.
     ///
     /// # Brief
diff --git a/ylong_http_client/src/util/c_openssl/ffi/x509.rs b/ylong_http_client/src/util/c_openssl/ffi/x509.rs
index a681ab08856c0c441a9e65b2e790523cc540b4ca..b69e4612bdbd8b4db0ebc690f0975ff1578142be 100644
--- a/ylong_http_client/src/util/c_openssl/ffi/x509.rs
+++ b/ylong_http_client/src/util/c_openssl/ffi/x509.rs
@@ -22,7 +22,7 @@ extern "C" {
     /// Returns a human readable error string for verification error n.
     pub(crate) fn X509_verify_cert_error_string(n: c_long) -> *const c_char;
 
-    /// Attempts to decode len bytes at *ppin.\
+    /// Attempts to decode len bytes at *ppin.
     /// If successful a pointer to the TYPE structure is returned and *ppin is
     /// incremented to the byte following the parsed data.
     pub(crate) fn d2i_X509(
@@ -56,12 +56,16 @@ extern "C" {
 
     pub(crate) fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint);
 
+    /// If name is NUL-terminated, namelen may be zero, otherwise namelen must
+    /// be set to the length of name.
     pub(crate) fn X509_VERIFY_PARAM_set1_host(
         param: *mut X509_VERIFY_PARAM,
         name: *const c_char,
         namelen: size_t,
     ) -> c_int;
 
+    /// The ip argument is in binary format, in network byte-order and iplen
+    /// must be set to 4 for IPv4 and 16 for IPv6.
     pub(crate) fn X509_VERIFY_PARAM_set1_ip(
         param: *mut X509_VERIFY_PARAM,
         ip: *const c_uchar,
diff --git a/ylong_http_client/src/util/c_openssl/x509.rs b/ylong_http_client/src/util/c_openssl/x509.rs
index e962f7b51f9cc6d0d60c112e2e4a9bbfc189d885..632ad9e1934dc342fa9c9c0c1a59228ede2a5202 100644
--- a/ylong_http_client/src/util/c_openssl/x509.rs
+++ b/ylong_http_client/src/util/c_openssl/x509.rs
@@ -160,8 +160,10 @@ impl X509VerifyParamRef {
     }
 
     pub(crate) fn set_host(&mut self, host: &str) -> Result<(), ErrorStack> {
+        let c_host = if host.is_empty() { "\0" } else { host };
         check_ret(unsafe {
-            X509_VERIFY_PARAM_set1_host(self.as_ptr(), host.as_ptr() as *const _, host.len())
+            // Must ensure name is NUL-terminated when namelen == 0.
+            X509_VERIFY_PARAM_set1_host(self.as_ptr(), c_host.as_ptr() as *const _, host.len())
         })
         .map(|_| ())
     }