diff --git a/ddtrace/appsec/_ddwaf.pyx b/ddtrace/appsec/_ddwaf.pyx
index 17d99026fb0..35c5a2f31ea 100644
--- a/ddtrace/appsec/_ddwaf.pyx
+++ b/ddtrace/appsec/_ddwaf.pyx
@@ -56,6 +56,7 @@ def version():
 
 
 cdef inline object _string_to_bytes(object string, const char **ptr, ssize_t *length):
+    ptr[0] = NULL
     if isinstance(string, six.binary_type):
         ptr[0] = PyBytes_AsString(string)
         length[0] = PyBytes_Size(string)
diff --git a/releasenotes/notes/asm-fix-python-2-error-reading-ddwaf-rules-d3653031f2ba84ba.yaml b/releasenotes/notes/asm-fix-python-2-error-reading-ddwaf-rules-d3653031f2ba84ba.yaml
new file mode 100644
index 00000000000..8b3d33b3ef0
--- /dev/null
+++ b/releasenotes/notes/asm-fix-python-2-error-reading-ddwaf-rules-d3653031f2ba84ba.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    ASM: fix Python 2 error reading WAF rules.
\ No newline at end of file
diff --git a/tests/appsec/test_processor.py b/tests/appsec/test_processor.py
index f7eef041591..a3d512fe0c9 100644
--- a/tests/appsec/test_processor.py
+++ b/tests/appsec/test_processor.py
@@ -3,7 +3,9 @@
 
 import pytest
 
+from ddtrace.appsec._ddwaf import DDWaf
 from ddtrace.appsec.processor import AppSecSpanProcessor
+from ddtrace.appsec.processor import DEFAULT_RULES
 from ddtrace.ext import SpanTypes
 from ddtrace.ext import priority
 from tests.utils import override_env
@@ -75,3 +77,9 @@ def test_appsec_span_tags_snapshot(tracer):
         span.set_tag("http.status_code", "404")
 
     assert "triggers" in json.loads(span.get_tag("_dd.appsec.json"))
+
+
+def test_ddwaf_not_raises_exception():
+    with open(DEFAULT_RULES) as rules:
+        rules_json = json.loads(rules.read())
+        DDWaf(rules_json)