diff --git a/c_rehash.c b/c_rehash.c
index 5575492..1612e07 100644
--- a/c_rehash.c
+++ b/c_rehash.c
@@ -174,7 +174,8 @@ static int handle_certificate(const char *filename, const char *fullpath)
 	const char *ext;
 	unsigned char digest[EVP_MAX_MD_SIZE];
 	X509_NAME *name = NULL;
-	int i, type, ret = -1;
+	int type, ret = -1;
+	size_t i;
 
 	ext = strrchr(filename, '.');
 	if (ext == NULL) return 0;
@@ -223,9 +224,10 @@ static int hash_dir(const char *dirname)
 	struct dirent *de;
 	struct stat st;
 	unsigned char idmask[MAX_COLLISIONS / 8];
-	int i, n, nextid, buflen, ret = -1;
+	int n, nextid, buflen, ret = -1;
 	const char *pathsep;
 	char *buf;
+	size_t i;
 	DIR *d;
 
 	if (access(dirname, R_OK|W_OK|X_OK) != 0) {
diff --git a/certdata2pem.c b/certdata2pem.c
index 9eae705..a6bcc33 100644
--- a/certdata2pem.c
+++ b/certdata2pem.c
@@ -27,10 +27,10 @@ int main(void)
 {
   FILE *f;
   char cert[4096], ecert[4096*4/3 + 100];
-  char *line = 0, *tmp, *filename, *label, *pcert = 0;
+  char *line = 0, *tmp, *filename, *label = 0, *pcert = 0;
   ssize_t len;
-  size_t size, certsize;
-  int trust;
+  size_t size, certsize = 0;
+  int trust = 0;
   char **blacklist = 0, **node;
 
   filename = "./blacklist.txt";
@@ -67,7 +67,8 @@ int main(void)
             tmp++;
           }
         }
-        if (k = i % 3) {
+	k = i % 3;
+        if (k) {
           tmp[2] = '=';
           tmp[3] = '=';
           val <<= 6 - 2*k;
@@ -139,4 +140,4 @@ int main(void)
   free(line);
   free(label);
   return 0;
-}
\ No newline at end of file
+}
diff --git a/update-ca.c b/update-ca.c
index 6edbc11..f90c782 100644
--- a/update-ca.c
+++ b/update-ca.c
@@ -77,7 +77,7 @@ static struct hash_item *hash_get(struct hash *h, const char *key)
 static void hash_foreach(struct hash *h, void (*cb)(struct hash_item *))
 {
 	struct hash_item *item;
-	int i;
+	size_t i;
 
 	for (i = 0; i < ARRAY_SIZE(h->items); i++) {
 		for (item = h->items[i]; item; item = item->next)
@@ -110,7 +110,7 @@ buffered_copyfd(int in_fd, int out_fd, ssize_t in_size)
 {
 	const size_t bufsize = 8192;
 	char *buf = NULL;
-	ssize_t r = 0, w = 0, copied = 0, n, m;
+	ssize_t r = 0, w = 0, copied = 0, n;
 	if ((buf = malloc(bufsize)) == NULL)
 		return -1;
 
@@ -172,9 +172,14 @@ static void proc_localglobaldir(const char *fullpath, struct hash *h, int tmpfil
 	if (flen > 4 && strcmp(&fname[flen-4], ".crt") == 0)
 		flen -= 4;
 
+	if (flen > INT_MAX) {
+		fprintf(stderr, "File name too long: %zu\n", flen);
+		return;
+	}
+
 	if (asprintf(&actual_file, "%s%.*s%s",
 				   "ca-cert-",
-				   flen, fname,
+				   (int)flen, fname,
 				   ".pem") == -1) {
 		fprintf(stderr, "Cannot open path: %s\n", fullpath);
 		return;
@@ -207,6 +212,8 @@ static void proc_etccertsdir(const char* fullpath, struct hash* h, int tmpfile_f
 	char linktarget[SYMLINK_MAX];
 	ssize_t linklen;
 
+	(void)tmpfile_fd;
+
 	linklen = readlink(fullpath, linktarget, sizeof(linktarget)-1);
 	if (linklen < 0)
 		return;
@@ -297,7 +304,7 @@ static void update_ca_symlink(struct hash_item *item)
 	free(newpath);
 }
 
-int main(int a, char **v)
+int main(void)
 {
 	struct hash _calinks, *calinks = &_calinks;
 
@@ -338,7 +345,7 @@ int main(int a, char **v)
 	free(tmpfile);
 
 	/* Execute run-parts */
-	static const char *run_parts_args[] = { "run-parts", RUNPARTSDIR, 0 };
+	static char *const run_parts_args[] = { "run-parts", RUNPARTSDIR, 0 };
 	execv("/usr/bin/run-parts", run_parts_args);
 	execv("/bin/run-parts", run_parts_args);
 	perror("run-parts");