diff --git a/src/x509_str.c b/src/x509_str.c
index 72a9118e7..1f0bafafd 100644
--- a/src/x509_str.c
+++ b/src/x509_str.c
@@ -472,6 +472,7 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
     int added = 0;
     int i = 0;
     int numInterAdd = 0;
+    int numFailedCerts = 0;
     int depth = 0;
     int origDepth = 0;
     WOLFSSL_X509 *issuer = NULL;
@@ -627,8 +628,8 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
 exit:
     /* Copy back failed certs if verification failed. */
     if (ret != WOLFSSL_SUCCESS) {
-        for (int cnt = 0, total = wolfSSL_sk_X509_num(failedCerts);
-                cnt < total; cnt++)
+        numFailedCerts = wolfSSL_sk_X509_num(failedCerts);
+        for (i = 0; i < numFailedCerts; i++)
         {
             wolfSSL_sk_X509_push(certs, wolfSSL_sk_X509_pop(failedCerts));
         }
diff --git a/tests/api.c b/tests/api.c
index 5e336bf11..29c868977 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -20390,9 +20390,9 @@ static int test_wolfSSL_X509_STORE_CTX_ex12(void)
     ExpectNotNull(ctx = X509_STORE_CTX_new());
     ExpectIntEQ(X509_STORE_CTX_init(ctx, store, badAkiX509, NULL), 1);
     ExpectIntEQ(X509_verify_cert(ctx), 0);
+    X509_STORE_CTX_cleanup(ctx);
 
     ExpectIntEQ(X509_STORE_add_cert(store, badAkiX509), 1);
-    ExpectNotNull(ctx = X509_STORE_CTX_new());
     ExpectNotNull(ca1X509 = test_wolfSSL_X509_STORE_CTX_ex_helper(intCA1ECCFile));
     ExpectIntEQ(X509_STORE_CTX_init(ctx, store, ca1X509, NULL), 1);
     ExpectIntEQ(X509_verify_cert(ctx), 1);