4 files changed, 12 insertions, 15 deletions

diff --git a/src/lib/cert/x509/x509path.cpp b/src/lib/cert/x509/x509path.cpp
index 29853bb4a..a0cae2c93 100644
--- a/src/lib/cert/x509/x509path.cpp
+++ b/src/lib/cert/x509/x509path.cpp
@@ -29,9 +29,11 @@ find_issuing_cert(const X509_Certificate& cert,
    const X509_DN issuer_dn = cert.issuer_dn();
    const std::vector<byte> auth_key_id = cert.authority_key_id();
 
-   std::shared_ptr<const X509_Certificate> c = end_certs.find_cert(issuer_dn, auth_key_id);
-   if(c && *c != cert)
-      return c;
+   if(std::shared_ptr<const X509_Certificate> c = end_certs.find_cert(issuer_dn, auth_key_id))
+      {
+      if(*c != cert)
+         return c;
+      }
 
    for(size_t i = 0; i != certstores.size(); ++i)
       {
diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp
index 4f95a5c9d..d13bc7551 100644
--- a/src/lib/tls/msg_server_hello.cpp
+++ b/src/lib/tls/msg_server_hello.cpp
@@ -66,11 +66,11 @@ Server_Hello::Server_Hello(Handshake_IO& io,
          {
          u16bit shared = 0;
          // always using server preferences for now
-         for(auto s : server_srtp)
-            for(auto c : client_srtp)
+         for(auto s_srtp : server_srtp)
+            for(auto c_srtp : client_srtp)
                {
-               if(shared == 0 && s == c)
-                  shared = s;
+               if(shared == 0 && s_srtp == c_srtp)
+                  shared = s_srtp;
                }
 
          if(shared)
diff --git a/src/lib/tls/tls_cbc/tls_cbc.cpp b/src/lib/tls/tls_cbc/tls_cbc.cpp
index c7203003b..0318eb1b1 100644
--- a/src/lib/tls/tls_cbc/tls_cbc.cpp
+++ b/src/lib/tls/tls_cbc/tls_cbc.cpp
@@ -130,12 +130,11 @@ void TLS_CBC_HMAC_AEAD_Encryption::set_associated_data(const byte ad[], size_t a
 
    if(use_encrypt_then_mac())
       {
-      std::vector<byte>& ad = assoc_data();
       // AAD hack for EtM
-      size_t pt_size = make_u16bit(ad[11], ad[12]);
+      size_t pt_size = make_u16bit(assoc_data()[11], assoc_data()[12]);
       size_t enc_size = round_up(iv_size() + pt_size + 1, block_size());
-      ad[11] = get_byte<uint16_t>(0, enc_size);
-      ad[12] = get_byte<uint16_t>(1, enc_size);
+      assoc_data()[11] = get_byte<uint16_t>(0, enc_size);
+      assoc_data()[12] = get_byte<uint16_t>(1, enc_size);
       }
    }
 
@@ -341,9 +340,6 @@ void TLS_CBC_HMAC_AEAD_Decryption::finish(secure_vector<byte>& buffer, size_t of
       }
    else
       {
-      uint8_t* record_contents = msg().data();
-      const size_t record_len = msg().size();
-
       CT::poison(record_contents, record_len);
 
       cbc_decrypt_record(record_contents, record_len);
diff --git a/src/tests/test_certstor.cpp b/src/tests/test_certstor.cpp
index b1b659050..ad09ce5f2 100644
--- a/src/tests/test_certstor.cpp
+++ b/src/tests/test_certstor.cpp
@@ -220,7 +220,6 @@ class Certstor_Tests : public Test
                for(auto&& cert_key_pair : test_data)
                   {
                   Botan::X509_Certificate cert(test_dir + "/" + cert_key_pair.first);
-                  Botan::AutoSeeded_RNG rng;
                   std::shared_ptr<Botan::Private_Key> key(Botan::PKCS8::load_key(test_dir + "/" + cert_key_pair.second,rng));
 
                   if(!key)