diff --git a/autogen.sh b/autogen.sh
index aba57d715..1dc3ba1fb 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -8,8 +8,12 @@ if test -d .git; then
   if ! test -d .git/hooks; then
     mkdir .git/hooks
   fi
-  ln -s -f ../../pre-commit.sh .git/hooks/pre-commit
-  ln -s -f ../../pre-push.sh .git/hooks/pre-push
+  if [ ! -e .git/hooks/pre-commit ]; then
+      ln -s ../../pre-commit.sh .git/hooks/pre-commit
+  fi
+  if [ ! -e .git/hooks/pre-push ]; then
+      ln -s ../../pre-push.sh .git/hooks/pre-push
+  fi
 fi
 
 # touch options.h (make sure it exists)
diff --git a/configure.ac b/configure.ac
index f3e95225a..818bc4b39 100644
--- a/configure.ac
+++ b/configure.ac
@@ -95,16 +95,16 @@ AC_ARG_ENABLE([reproducible-build],
 xxx_ar_flags=$(ar --help 2>&1)
 if test "$ENABLED_REPRODUCIBLE_BUILD" = "yes"
 then
-    AS_CASE([$xxx_ar_flags],[*'use zero for timestamps and uids/gids'*],[: ${AR_FLAGS="Dcr"}])
+    AS_CASE([$xxx_ar_flags],[*'use zero for timestamps and uids/gids'*],[AR_FLAGS="Dcr"])
 else
-    AS_CASE([$xxx_ar_flags],[*'use actual timestamps and uids/gids'*],[: ${AR_FLAGS="Ucru"}])
+    AS_CASE([$xxx_ar_flags],[*'use actual timestamps and uids/gids'*],[AR_FLAGS="Ucru"])
 fi
 xxx_ranlib_flags=$(ranlib --help 2>&1)
 if test "$ENABLED_REPRODUCIBLE_BUILD" = "yes"
 then
-    AS_CASE([$xxx_ranlib_flags],[*'Use zero for symbol map timestamp'*],[: ${RANLIB="ranlib -D"}])
+    AS_CASE([$xxx_ranlib_flags],[*'Use zero for symbol map timestamp'*],[RANLIB="ranlib -D"])
 else
-    AS_CASE([$xxx_ranlib_flags],[*'Use actual symbol map timestamp'*],[: ${RANLIB="ranlib -U"}])
+    AS_CASE([$xxx_ranlib_flags],[*'Use actual symbol map timestamp'*],[RANLIB="ranlib -U"])
 fi
 
 
diff --git a/wolfcrypt/src/srp.c b/wolfcrypt/src/srp.c
index b30f415bf..95d927b75 100644
--- a/wolfcrypt/src/srp.c
+++ b/wolfcrypt/src/srp.c
@@ -654,8 +654,7 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
 
     if (!srp || !clientPubKey || clientPubKeySz == 0
         || !serverPubKey || serverPubKeySz == 0) {
-        r = BAD_FUNC_ARG;
-        goto out;
+        return BAD_FUNC_ARG;
     }
 
 #ifdef WOLFSSL_SMALL_STACK
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index e11194245..aa86dc7ad 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -11467,6 +11467,9 @@ WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void) {
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
     byte *buf1 = (byte *)XMALLOC(sizeof Ciphertext + sizeof Tag, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
     byte *buf2 = (byte *)XMALLOC(sizeof Plaintext, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+
+    if ((buf1 == NULL) || (buf2 == NULL))
+        ERROR_OUT(-6480, out);
 #else
     byte buf1[sizeof Ciphertext + sizeof Tag];
     byte buf2[sizeof Plaintext];
@@ -11479,31 +11482,33 @@ WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void) {
                                        Key, sizeof Key);
 
     if (ret < 0)
-        ERROR_OUT(-6840, out);
-
-    if (XMEMCMP(buf1, Ciphertext, sizeof Plaintext))
         ERROR_OUT(-6841, out);
 
-    if (XMEMCMP(buf1 + sizeof Plaintext, Tag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE))
+    if (XMEMCMP(buf1, Ciphertext, sizeof Ciphertext))
         ERROR_OUT(-6842, out);
 
+    if (XMEMCMP(buf1 + sizeof Ciphertext, Tag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE))
+        ERROR_OUT(-6843, out);
+
     ret = wc_XChaCha20Poly1305_Decrypt(buf2, sizeof Plaintext,
-                                 buf1, sizeof Plaintext + sizeof Tag,
+                                 buf1, sizeof Ciphertext + sizeof Tag,
                                        AAD, sizeof AAD,
                                        IV, sizeof IV,
                                        Key, sizeof Key);
 
     if (ret < 0)
-        ERROR_OUT(-6843, out);
+        ERROR_OUT(-6844, out);
 
     if (XMEMCMP(buf2, Plaintext, sizeof Plaintext))
-        ERROR_OUT(-6844, out);
+        ERROR_OUT(-6845, out);
 
   out:
 
 #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(buf1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(buf2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+    if (buf1 != NULL)
+        XFREE(buf1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+    if (buf2 != NULL)
+        XFREE(buf2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 
     return ret;
diff --git a/wolfssl/openssl/sha.h b/wolfssl/openssl/sha.h
index 7120ecb17..d7078d4f8 100644
--- a/wolfssl/openssl/sha.h
+++ b/wolfssl/openssl/sha.h
@@ -158,7 +158,7 @@ typedef WOLFSSL_SHA256_CTX SHA256_CTX;
 
 typedef struct WOLFSSL_SHA384_CTX {
     /* big enough to hold wolfCrypt Sha384, but check on init */
-    void* holder[(256 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
+    void* holder[(268 + WC_ASYNC_DEV_SIZE) / sizeof(void*)];
 } WOLFSSL_SHA384_CTX;
 
 WOLFSSL_API int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX*);