diff --git a/lib/crypto/crypto_compat.c b/lib/crypto/crypto_compat.c
index 52209a19..f9769604 100644
--- a/lib/crypto/crypto_compat.c
+++ b/lib/crypto/crypto_compat.c
@@ -34,21 +34,21 @@
 #endif /* LIBRESSL_VERSION_NUMBER */
 
 /**
- * crypto_compat_RSA_valid_size(rsa):
- * Return nonzero if ${rsa} has a valid size, and zero for an invalid size.
+ * crypto_compat_RSA_valid_size(key):
+ * Return nonzero if ${key} has a valid size, and zero for an invalid size.
  */
 int
-crypto_compat_RSA_valid_size(const RSA * const rsa)
+crypto_compat_RSA_valid_size(const RSA * const key)
 {
 
 	/* Sanity checks. */
-	assert(rsa != NULL);
+	assert(key != NULL);
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
-	assert(rsa->n != NULL);
-	return ((RSA_size(rsa) == 256) && (BN_num_bits(rsa->n) == 2048));
+	assert(key->n != NULL);
+	return ((RSA_size(key) == 256) && (BN_num_bits(key->n) == 2048));
 #else
-	return ((RSA_size(rsa) == 256) && (RSA_bits(rsa) == 2048));
+	return ((RSA_size(key) == 256) && (RSA_bits(key) == 2048));
 #endif
 }
 
@@ -255,7 +255,7 @@ crypto_compat_free(void)
 	OPENSSL_cleanup();
 	CRYPTO_cleanup_all_ex_data();
 #else
-	/* Easerlier versions of OpenSSL and LibreSSL. */
+	/* Earlier versions of OpenSSL and LibreSSL. */
 
 	/* Free OpenSSL error queue. */
 #if OPENSSL_VERSION_NUMBER < 0x10000000L
diff --git a/lib/crypto/crypto_compat.h b/lib/crypto/crypto_compat.h
index f28169d3..669d863b 100644
--- a/lib/crypto/crypto_compat.h
+++ b/lib/crypto/crypto_compat.h
@@ -4,8 +4,8 @@
 #include <openssl/ossl_typ.h>
 
 /**
- * crypto_compat_RSA_valid_size(rsa):
- * Return nonzero if ${rsa} has a valid size, and zero for an invalid size.
+ * crypto_compat_RSA_valid_size(key):
+ * Return nonzero if ${key} has a valid size, and zero for an invalid size.
  */
 int crypto_compat_RSA_valid_size(const RSA * const key);
 
diff --git a/lib/network/tsnetwork_buf.c b/lib/network/tsnetwork_buf.c
index da405d49..a246b0e3 100644
--- a/lib/network/tsnetwork_buf.c
+++ b/lib/network/tsnetwork_buf.c
@@ -43,7 +43,7 @@ struct network_buf_cookie {
 	int flags;
 };
 
-static int callback_buf(void * cookie, int timedout);
+static int callback_buf(void * cookie, int status);
 static int network_buf(int fd, uint8_t * buf, size_t buflen,
     struct timeval * to0, struct timeval * to1,
     network_callback * callback, void * cookie,
diff --git a/libcperciva/crypto/crypto_entropy.c b/libcperciva/crypto/crypto_entropy.c
index c9023c2c..936e22ae 100644
--- a/libcperciva/crypto/crypto_entropy.c
+++ b/libcperciva/crypto/crypto_entropy.c
@@ -41,7 +41,8 @@ static void generate(uint8_t *, size_t);
 
 #ifdef CPUSUPPORT_X86_RDRAND
 static void
-update_from_rdrand(void) {
+update_from_rdrand(void)
+{
 	unsigned int buf[8];
 
 	/* This is only *extra* entropy, so it's ok if it fails. */
diff --git a/libcperciva/events/events_network.c b/libcperciva/events/events_network.c
index c81338f8..73d6aa79 100644
--- a/libcperciva/events/events_network.c
+++ b/libcperciva/events/events_network.c
@@ -22,8 +22,8 @@
  * for it to be larger than size_t unless there's an undocumented limit on
  * the number of descriptors which can be polled (since poll takes an array,
  * the size of which must fit into a size_t); and nfds_t should be able to
- * the value INT_MAX + 1 (in case every possible file descriptor is in use
- * and being polled for).
+ * store the value INT_MAX + 1 (in case every possible file descriptor is in
+ * use and being polled for).
  */
 CTASSERT((nfds_t)(-1) <= (size_t)(-1));
 CTASSERT((nfds_t)((size_t)(INT_MAX) + 1) == (size_t)(INT_MAX) + 1);
@@ -65,7 +65,7 @@ static size_t fdscanpos;
  *     S[i].reader != NULL <==> (fds[S[i].pollpos].events & POLLIN) != 0
  *     S[i].writer != NULL <==> (fds[S[i].pollpos].events & POLLOUT) != 0
  * 5. We don't have events ready which we don't want:
- *     (fds[j].revents & (POLLIN | POLLOUT) & (~fds[j].events])) == 0
+ *     (fds[j].revents & (POLLIN | POLLOUT) & (~fds[j].events)) == 0
  * 6. Returned events are in position to be scanned later:
  *     fds[j].revents != 0 ==> f < fdscanpos.
  */
@@ -451,7 +451,7 @@ events_network_get(void)
 			break;
 		}
 
-		/* Are we ready for reading? */
+		/* Are we ready for writing? */
 		if (fds[fdscanpos].revents & POLLOUT) {
 			r = socketlist_get(S,
 			    (size_t)fds[fdscanpos].fd)->writer;
diff --git a/libcperciva/util/sock.c b/libcperciva/util/sock.c
index ce4da55a..fa6eadf7 100644
--- a/libcperciva/util/sock.c
+++ b/libcperciva/util/sock.c
@@ -34,6 +34,8 @@ sock_resolve_unix(const char * addr)
 	if ((sa_un = calloc(1, sizeof(struct sockaddr_un))) == NULL)
 		goto err0;
 	sa_un->sun_family = AF_UNIX;
+
+	/* Safely copy addr into the structure. */
 	if (strlen(addr) >= sizeof(sa_un->sun_path)) {
 		warn0("socket path too long: %s", addr);
 		goto err1;