diff --git a/src/internal.c b/src/internal.c
index b3680471e..41e066555 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -12909,9 +12909,17 @@ static int ProcessPeerCertParse(WOLFSSL* ssl, ProcPeerCertArgs* args,
         return BAD_FUNC_ARG;
     }
 
+PRAGMA_GCC_DIAG_PUSH
+PRAGMA_GCC("GCC diagnostic ignored \"-Wstrict-overflow\"")
+    /* Surrounded in gcc pragma to avoid -Werror=strict-overflow when the
+     * compiler optimizes out the check and assumes no underflow. Keeping the
+     * check in place to handle multiple build configurations and future
+     * changes. */
+
     /* check to make sure certificate index is valid */
     if (args->certIdx > args->count)
         return BUFFER_E;
+PRAGMA_GCC_DIAG_POP
 
     /* check if returning from non-blocking OCSP */
     /* skip this section because cert is already initialized and parsed */
diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c
index 6109bb102..1fbfe5e65 100644
--- a/wolfcrypt/src/sp_int.c
+++ b/wolfcrypt/src/sp_int.c
@@ -4874,6 +4874,10 @@ int sp_copy(const sp_int* a, sp_int* r)
     }
     /* Only copy if different pointers. */
     else if (a != r) {
+    PRAGMA_GCC_DIAG_PUSH
+    PRAGMA_GCC("GCC diagnostic ignored \"-Wstrict-overflow\"")
+    /* Surrounded in gcc pragma to avoid -Werror=strict-overflow when the
+     * compiler optimizes out the check and assumes no overflow. */
         /* Validated space in result. */
         if (a->used > r->size) {
             err = MP_VAL;
@@ -4893,6 +4897,7 @@ int sp_copy(const sp_int* a, sp_int* r)
             r->sign = a->sign;
         #endif
         }
+    PRAGMA_GCC_DIAG_POP
     }
 
     return err;