diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index fb77b5ef0..f13832cf6 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -15282,8 +15282,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
                             ERROR_OUT(MEMORY_E, exit_cs);
                         }
                     #endif
-                        mp_init(r);
-                        mp_init(s);
+                        if ((ret = mp_init_multi(r, s, NULL, NULL, NULL, NULL)) != MP_OKAY) {
+                            goto exit_cs;
+                        }
 
                         idx = 0;
                         if (DecodeECC_DSA_Sig(sig + idx, sigSz - idx, r, s)
@@ -21853,6 +21854,8 @@ Signer* MakeSigner(void* heap)
  */
 void FreeSigner(Signer* signer, void* heap)
 {
+    (void)signer;
+    (void)heap;
     XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
     XFREE((void*)signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
 #ifndef IGNORE_NAME_CONSTRAINTS
@@ -21865,8 +21868,6 @@ void FreeSigner(Signer* signer, void* heap)
     FreeDer(&signer->derCert);
 #endif
     XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
-    (void)signer;
-    (void)heap;
 }
 
 
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index 71ace541d..958089b82 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -4055,6 +4055,10 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig,
             ret = MEMORY_E;
         }
     }
+#else
+    if (ret == 0 && sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + saltLen)) {
+        ret = BUFFER_E;
+    }
 #endif
 
     /* Exp Hash = HASH(8 * 0x00 | Message Hash | Salt) */