diff --git a/cli-agentfwd.c b/cli-agentfwd.c
index f166121e7c4f5398c296d0b7c00c613cb04c7e2f..4ec555b37bd6f98e7134b31da34059fffeca77de 100644
--- a/cli-agentfwd.c
+++ b/cli-agentfwd.c
@@ -201,7 +201,7 @@ static void agent_get_key_list(m_list * ret_list)
 	num = buf_getint(inbuf);
 	for (i = 0; i < num; i++) {
 		sign_key * pubkey = NULL;
-		int key_type = DROPBEAR_SIGNKEY_ANY;
+		enum signkey_type key_type = DROPBEAR_SIGNKEY_ANY;
 		buffer * key_buf;
 
 		/* each public key is encoded as a string */
diff --git a/configure.ac b/configure.ac
index 097fb0ec15c55798021ecc8ce87fa38efcd1d55d..a24e87a98bc074d30c93f955cb064bfe132ff960 100644
--- a/configure.ac
+++ b/configure.ac
@@ -21,7 +21,7 @@ AC_SUBST(LD)
 
 if test -z "$OLDCFLAGS" && test "$GCC" = "yes"; then
 	AC_MSG_NOTICE(No \$CFLAGS set... using "-Os -W -Wall" for GCC)
-	CFLAGS="-Os -W -Wall"
+	CFLAGS="-Os -W -Wall -Wno-pointer-sign"
 fi
 
 # large file support is useful for scp
diff --git a/dbutil.c b/dbutil.c
index b194e3da7c071095d73625d88f61eb3d384aa023..ce88731ca07f4f26f791bc7008560f0e0a5c53f2 100644
--- a/dbutil.c
+++ b/dbutil.c
@@ -881,14 +881,17 @@ void disallow_core() {
 
 /* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE, with the result in *val */
 int m_str_to_uint(const char* str, unsigned int *val) {
+	unsigned long l;
 	errno = 0;
-	*val = strtoul(str, NULL, 10);
+	l = strtoul(str, NULL, 10);
 	/* The c99 spec doesn't actually seem to define EINVAL, but most platforms
 	 * I've looked at mention it in their manpage */
-	if ((*val == 0 && errno == EINVAL)
-		|| (*val == ULONG_MAX && errno == ERANGE)) {
+	if ((l == 0 && errno == EINVAL)
+		|| (l == ULONG_MAX && errno == ERANGE)
+		|| (l > UINT_MAX)) {
 		return DROPBEAR_FAILURE;
 	} else {
+		*val = l;
 		return DROPBEAR_SUCCESS;
 	}
 }
diff --git a/ecc.c b/ecc.c
index 4bfe51a93b9b4c9f8079e141dea35f3bf677755c..c733c9ed61d1d3f759be31c4e3989518668565d4 100644
--- a/ecc.c
+++ b/ecc.c
@@ -75,8 +75,8 @@ struct dropbear_ecc_curve* curve_for_dp(const ltc_ecc_set_type *dp) {
 
 ecc_key * new_ecc_key(void) {
 	ecc_key *key = m_malloc(sizeof(*key));
-	m_mp_alloc_init_multi(&key->pubkey.x, &key->pubkey.y, 
-		&key->pubkey.z, &key->k, NULL);
+	m_mp_alloc_init_multi((mp_int**)&key->pubkey.x, (mp_int**)&key->pubkey.y, 
+		(mp_int**)&key->pubkey.z, (mp_int**)&key->k, NULL);
 	return key;
 }
 
diff --git a/signkey.c b/signkey.c
index 8347371de1c9e94cc1c607dca74b4d6429e7dd0b..4ac40cbebf063d28ebe3c543246bf7e405f68b98 100644
--- a/signkey.c
+++ b/signkey.c
@@ -508,14 +508,13 @@ void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type,
  * signature blob */
 int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) {
 	
-	unsigned int bloblen;
 	unsigned char * type_name = NULL;
 	unsigned int type_name_len = 0;
 	enum signkey_type type;
 
 	TRACE(("enter buf_verify"))
 
-	bloblen = buf_getint(buf);
+	buf_getint(buf); /* blob length */
 	type_name = buf_getstring(buf, &type_name_len);
 	type = signkey_type_from_name(type_name, type_name_len);
 	m_free(type_name);