diff --git a/lib/context.c b/lib/context.c
index ea2de5ab3..9c0073a1d 100644
--- a/lib/context.c
+++ b/lib/context.c
@@ -374,8 +374,10 @@ lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason,
 			lws_callback_on_writable(wsi);
 			break;
 		case LWS_STDERR:
-			n = read(lws_get_socket_fd(args->stdwsi[LWS_STDERR]),
-						   buf, sizeof(buf) - 2);
+			n = lws_get_socket_fd(args->stdwsi[LWS_STDERR]);
+			if (n < 0)
+				break;
+			n = read(n, buf, sizeof(buf) - 2);
 			if (n > 0) {
 				if (buf[n - 1] != '\n')
 					buf[n++] = '\n';
@@ -403,8 +405,10 @@ lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason,
 	case LWS_CALLBACK_CGI_STDIN_DATA:  /* POST body for stdin */
 		args = (struct lws_cgi_args *)in;
 		args->data[args->len] = '\0';
-		n = write(lws_get_socket_fd(args->stdwsi[LWS_STDIN]),
-			  args->data, args->len);
+		n = lws_get_socket_fd(args->stdwsi[LWS_STDIN]);
+		if (n < 0)
+			return -1;
+		n = write(n, args->data, args->len);
 		if (n < args->len)
 			lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: "
 				    "sent %d only %d went", n, args->len);
diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c
index 7b624cc11..7c7b3aadd 100755
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c
@@ -1450,10 +1450,11 @@ lws_set_socks(struct lws_vhost *vhost, const char *socks)
 				lwsl_err("Socks password too long\n");
 				goto bail;
 			}
+
+			strncpy(vhost->socks_user, socks, p_colon - socks);
+			strncpy(vhost->socks_password, p_colon + 1,
+				p_at - (p_colon + 1));
 		}
-		strncpy(vhost->socks_user, socks, p_colon - socks);
-		strncpy(vhost->socks_password, p_colon + 1,
-			p_at - (p_colon + 1));
 
 		lwsl_info(" Socks auth, user: %s, password: %s\n",
 			vhost->socks_user, vhost->socks_password );
@@ -2581,8 +2582,8 @@ lws_cgi(struct lws *wsi, const char * const *exec_array, int script_uri_path_len
 
 		if (script_uri_path_len < 0 && uritok < 0)
 			goto bail3;
-		if (script_uri_path_len < 0)
-			uritok = 0;
+//		if (script_uri_path_len < 0)
+//			uritok = 0;
 
 		lws_snprintf(cgi_path, sizeof(cgi_path) - 1, "REQUEST_URI=%s",
 			 lws_hdr_simple_ptr(wsi, uritok));
@@ -2905,7 +2906,10 @@ lws_cgi_write_split_stdout_headers(struct lws *wsi)
 			}
 		}
 
-		n = read(lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]), &c, 1);
+		n = lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]);
+		if (n < 0)
+			return -1;
+		n = read(n, &c, 1);
 		if (n < 0) {
 			if (errno != EAGAIN) {
 				lwsl_debug("%s: read says %d\n", __func__, n);
@@ -3033,9 +3037,10 @@ lws_cgi_write_split_stdout_headers(struct lws *wsi)
 	/* payload processing */
 
 	m = !wsi->cgi->explicitly_chunked && !wsi->cgi->content_length;
-
-	n = read(lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]),
-		 start, sizeof(buf) - LWS_PRE - (m ? LWS_HTTP_CHUNK_HDR_SIZE : 0));
+	n = lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]);
+	if (n < 0)
+		return -1;
+	n = read(n, start, sizeof(buf) - LWS_PRE - (m ? LWS_HTTP_CHUNK_HDR_SIZE : 0));
 
 	if (n < 0 && errno != EAGAIN) {
 		lwsl_debug("%s: stdout read says %d\n", __func__, n);
diff --git a/lib/parsers.c b/lib/parsers.c
index f5f372c6a..b99fb26bb 100644
--- a/lib/parsers.c
+++ b/lib/parsers.c
@@ -367,7 +367,7 @@ int lws_header_table_detach(struct lws *wsi, int autoservice)
 #if defined(LWS_WITH_PEER_LIMITS)
 		else
 			if (!(*pwsi)->u.hdr.ah_wait_list)
-				lws_stats_atomic_bump(wsi->context, pt,
+				lws_stats_atomic_bump(context, pt,
 					LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1);
 #endif
 		pwsi = &(*pwsi)->u.hdr.ah_wait_list;
diff --git a/lib/server.c b/lib/server.c
index 08752255a..256574ac9 100644
--- a/lib/server.c
+++ b/lib/server.c
@@ -775,11 +775,14 @@ lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth)
 		l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT);
 		if (l) {
 			wsi->access_log.user_agent = lws_malloc(l + 2);
-			if (wsi->access_log.user_agent)
-				lws_hdr_copy(wsi, wsi->access_log.user_agent,
-						l + 1, WSI_TOKEN_HTTP_USER_AGENT);
-			else
+			if (!wsi->access_log.user_agent) {
 				lwsl_err("OOM getting user agent\n");
+				lws_free_set_NULL(wsi->access_log.header_log);
+				return;
+			}
+
+			lws_hdr_copy(wsi, wsi->access_log.user_agent,
+					l + 1, WSI_TOKEN_HTTP_USER_AGENT);
 
 			for (m = 0; m < l; m++)
 				if (wsi->access_log.user_agent[m] == '\"')
@@ -788,11 +791,14 @@ lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth)
 		l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER);
 		if (l) {
 			wsi->access_log.referrer = lws_malloc(l + 2);
-			if (wsi->access_log.referrer)
-				lws_hdr_copy(wsi, wsi->access_log.referrer,
-						l + 1, WSI_TOKEN_HTTP_REFERER);
-			else
+			if (!wsi->access_log.referrer) {
 				lwsl_err("OOM getting user agent\n");
+				lws_free_set_NULL(wsi->access_log.user_agent);
+				lws_free_set_NULL(wsi->access_log.header_log);
+				return;
+			}
+			lws_hdr_copy(wsi, wsi->access_log.referrer,
+					l + 1, WSI_TOKEN_HTTP_REFERER);
 
 			for (m = 0; m < l; m++)
 				if (wsi->access_log.referrer[m] == '\"')
@@ -1835,7 +1841,7 @@ lws_get_or_create_peer(struct lws_vhost *vhost, lws_sockfd_type sockfd)
 	if (af == AF_INET) {
 		struct sockaddr_in *s = (struct sockaddr_in *)&addr;
 		q = &s->sin_addr;
-		rlen = sizeof(&s->sin_addr);
+		rlen = sizeof(s->sin_addr);
 	} else
 #ifdef LWS_USE_IPV6
 	{