diff --git a/libnetutil/UDPHeader.cc b/libnetutil/UDPHeader.cc
index c9796ca9a..8252ccd75 100644
--- a/libnetutil/UDPHeader.cc
+++ b/libnetutil/UDPHeader.cc
@@ -343,7 +343,7 @@ int UDPHeader::setTotalLength(){
   * only carry 65,507 or 65,527. However, we are not taking that into account
   * here because UDP is supposed to be independent of IPv4, IPv6 or
   * whatever other network layer protocol is used to carry the UDP datagrams.*/
-  if ((mylen+otherslen) > 65535 || (mylen+otherslen)<8 ){
+  if (otherslen < 0 || otherslen > 65535 || (mylen+otherslen) > 65535){
     printf("UDPHeader::setTotalLength(): Invalid length.\n");
     return OP_FAILURE;
   }
diff --git a/payload.cc b/payload.cc
index 1f0ced97f..2e7ef125d 100644
--- a/payload.cc
+++ b/payload.cc
@@ -216,6 +216,7 @@ static unsigned short *parse_portlist(const char *portlist, unsigned int *count)
       return NULL;
   }
 
+  assert(*count < 65536);
   result = (unsigned short *) malloc(sizeof(*result) * *count);
   if (result == NULL)
     return NULL;
diff --git a/utils.cc b/utils.cc
index e079807c0..fcbf9e3cc 100644
--- a/utils.cc
+++ b/utils.cc
@@ -215,7 +215,7 @@ void genfry(unsigned char *arr, int elem_sz, int num_elem) {
   unsigned short *sptr;
   unsigned int *iptr;
   unsigned char *tmp;
-  int bpe;
+  size_t bpe;
 
   if (sizeof(unsigned char) != 1)
     fatal("%s() requires 1 byte chars", __func__);