diff --git a/src/cmdu.c b/src/cmdu.c
index a3103eff04990114c1139978ef18d544a91c3014..3fdbfa2708e491f836f4145e2ca767563839b150 100644
--- a/src/cmdu.c
+++ b/src/cmdu.c
@@ -126,7 +126,7 @@ uint16_t tlv_total_length(struct tlv *t)
 	return tlv_length(t) + 3;
 }
 
-static size_t tlv_minsize(uint8_t type)
+static size_t tlv_minsize(struct tlv *t)
 {
 	size_t sizeof_tlv[] = {
 		[TLV_TYPE_END_OF_MESSAGE] =                      sizeof(struct tlv_eom),
@@ -161,8 +161,8 @@ static size_t tlv_minsize(uint8_t type)
 		[TLV_TYPE_L2_NEIGHBOR_DEVICE] =                  sizeof(struct tlv_l2_neighbor),
 	};
 
-	if (type <= TLV_TYPE_L2_NEIGHBOR_DEVICE)
-		return sizeof_tlv[type];
+	if (t->type <= TLV_TYPE_L2_NEIGHBOR_DEVICE)
+		return sizeof_tlv[t->type];
 
 	return 0;
 }
diff --git a/src/cmdu_output.c b/src/cmdu_output.c
index d4f6f3776eb5fa462339c7e89c5f175f7f7f0203..0967af018d04e8a6346b0f24f7ceaeedd3ea17aa 100644
--- a/src/cmdu_output.c
+++ b/src/cmdu_output.c
@@ -423,7 +423,7 @@ struct cmdu_buff *i1905_build_topology_response(struct i1905_interface *iface)
 			if (rem >= sizeof(*non)) {
 				t->len += sizeof(*non);
 				memcpy(non->macaddr, nnbr->macaddr, 6);
-				fprintf(stderr, MACFMT"\n", MAC2STR(non->macaddr));
+				dbg7(MACFMT"\n", MAC2STR(non->macaddr));
 				rem -= sizeof(*non);
 			}
 		}
@@ -463,7 +463,7 @@ struct cmdu_buff *i1905_build_topology_response(struct i1905_interface *iface)
 				t->len += sizeof(*nbr);
 				memcpy(nbr->aladdr, nif->aladdr, 6);
 				nbr->has_bridge = nif->has_bridge ? 0x8 : 0;
-				fprintf(stderr, MACFMT"\n", MAC2STR(nbr->aladdr));
+				dbg7(MACFMT"\n", MAC2STR(nbr->aladdr));
 				rem -= sizeof(*nbr);
 			}
 		}
diff --git a/src/cryptutil.c b/src/cryptutil.c
index 6f64a654958a09ff47e181c44415a4964de74919..47d8f5fcaa26f26b9544001b7887574e93b63c05 100644
--- a/src/cryptutil.c
+++ b/src/cryptutil.c
@@ -479,23 +479,18 @@ uint8_t PLATFORM_GENERATE_DH_KEY_PAIR(uint8_t **priv, uint16_t *priv_len,
 	DH *dh;
 
 
-	if (!priv || !priv_len || !pub || !pub_len) {
-		fprintf(stderr, stderr, "invalid args\n");
+	if (!priv || !priv_len || !pub || !pub_len)
 		return -1;
-	}
 
 	dh = DH_new();
-	if (!dh) {
-		fprintf(stderr, stderr, "-ENOMEM\n");
+	if (!dh)
 		return -1;
-	}
 
 #if OPENSSL_VERSION_NUMBER >= 0x1010000fL
 	dhp_bn = BN_bin2bn(dh1536_p, sizeof(dh1536_p), NULL);
 	dhg_bn = BN_bin2bn(dh1536_g, sizeof(dh1536_g), NULL);
 
 	if (!dhp_bn || !dhg_bn || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
-		fprintf(stderr, stderr, "error!\n");
 		DH_free(dh);
 		BN_free(dhp_bn);
 		BN_free(dhg_bn);
@@ -505,21 +500,18 @@ uint8_t PLATFORM_GENERATE_DH_KEY_PAIR(uint8_t **priv, uint16_t *priv_len,
 	dh->p = BN_bin2bn(dh1536_p, sizeof(dh1536_p), NULL);
 	if (dh->p == NULL) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 
 	dh->g = BN_bin2bn(dh1536_g, sizeof(dh1536_g), NULL);
 	if (dh->g == NULL) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 #endif
 
 	if (DH_generate_key(dh) == 0) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 
@@ -528,7 +520,6 @@ uint8_t PLATFORM_GENERATE_DH_KEY_PAIR(uint8_t **priv, uint16_t *priv_len,
 	*priv_len = BN_num_bytes(pv);
 	*priv = calloc(*priv_len + 1, sizeof(uint8_t));
 	if (!*priv) {
-		fprintf(stderr, stderr, "-ENOMEM\n");
 		return -1;
 	}
 
@@ -538,7 +529,6 @@ uint8_t PLATFORM_GENERATE_DH_KEY_PAIR(uint8_t **priv, uint16_t *priv_len,
 	*pub_len = BN_num_bytes(pu);
 	*pub = calloc(*pub_len + 1, sizeof(uint8_t));
 	if (!*pub) {
-		fprintf(stderr, stderr, "-ENOMEM\n");
 		return -1;
 	}
 
@@ -547,7 +537,6 @@ uint8_t PLATFORM_GENERATE_DH_KEY_PAIR(uint8_t **priv, uint16_t *priv_len,
 	*priv_len = BN_num_bytes(dh->priv_key);
 	*priv = malloc(*priv_len);
 	if (!*priv) {
-		fprintf(stderr, stderr, "-ENOMEM\n");
 		return -1;
 	}
 
@@ -556,7 +545,6 @@ uint8_t PLATFORM_GENERATE_DH_KEY_PAIR(uint8_t **priv, uint16_t *priv_len,
 	*pub_len = BN_num_bytes(dh->pub_key);
 	*pub = malloc(*pub_len);
 	if (!*pub) {
-		fprintf(stderr, stderr, "-ENOMEM\n");
 		return -1;
 	}
 
@@ -586,13 +574,11 @@ int PLATFORM_COMPUTE_DH_SHARED_SECRET(uint8_t **shared_secret,
 
 
 	if (!shared_secret || !shared_secret_len || !remote_pub || !local_priv) {
-		fprintf(stderr, stderr, "invalid args\n");
 		return -EINVAL;
 	}
 
 	dh = DH_new();
 	if (!dh) {
-		fprintf(stderr, stderr, "-ENOMEM\n");
 		return -1;
 	}
 
@@ -601,7 +587,6 @@ int PLATFORM_COMPUTE_DH_SHARED_SECRET(uint8_t **shared_secret,
 	dhg_bn = BN_bin2bn(dh1536_g, sizeof(dh1536_g), NULL);
 
 	if (!dhp_bn || !dhg_bn || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {
-		fprintf(stderr, stderr, "error!\n");
 		DH_free(dh);
 		BN_free(dhp_bn);
 		BN_free(dhg_bn);
@@ -611,7 +596,6 @@ int PLATFORM_COMPUTE_DH_SHARED_SECRET(uint8_t **shared_secret,
 	pub_key = BN_bin2bn(remote_pub, remote_pub_len, NULL);
 	if (pub_key == NULL) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 
@@ -619,7 +603,6 @@ int PLATFORM_COMPUTE_DH_SHARED_SECRET(uint8_t **shared_secret,
 	if (priv_key == NULL) {
 		BN_clear_free(priv_key);
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 
@@ -628,26 +611,22 @@ int PLATFORM_COMPUTE_DH_SHARED_SECRET(uint8_t **shared_secret,
 	dh->p = BN_bin2bn(dh1536_p, sizeof(dh1536_p), NULL);
 	if (dh->p == NULL) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 
 	dh->g = BN_bin2bn(dh1536_g, sizeof(dh1536_g), NULL);
 	if (dh->g == NULL) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 	pub_key = BN_bin2bn(remote_pub, remote_pub_len, NULL);
 	if (pub_key == NULL) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 	dh->priv_key = BN_bin2bn(local_priv, local_priv_len, NULL);
 	if (dh->priv_key == NULL) {
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	}
 #endif
@@ -655,7 +634,6 @@ int PLATFORM_COMPUTE_DH_SHARED_SECRET(uint8_t **shared_secret,
 
 	*shared_secret = calloc(rlen, sizeof(uint8_t));
 	if (!*shared_secret) {
-		fprintf(stderr, stderr, "-ENOMEM\n");
 		return -1;
 	}
 
@@ -666,7 +644,6 @@ int PLATFORM_COMPUTE_DH_SHARED_SECRET(uint8_t **shared_secret,
 		*shared_secret = NULL;
 		BN_clear_free(pub_key);
 		DH_free(dh);
-		fprintf(stderr, stderr, "error!\n");
 		return -1;
 	} else {
 		*shared_secret_len = (uint16_t)keylen;
@@ -694,21 +671,21 @@ static int openssl_digest_vector(const EVP_MD *type, size_t num_elem,
 	if (!ctx)
 		return -1;
 	if (!EVP_DigestInit_ex(ctx, type, NULL)) {
-		fprintf(stderr, stderr, "OpenSSL: EVP_DigestInit_ex failed: %s",
+		fprintf(stderr, "OpenSSL: EVP_DigestInit_ex failed: %s",
 			ERR_error_string(ERR_get_error(), NULL));
 		EVP_MD_CTX_free(ctx);
 		return -1;
 	}
 	for (i = 0; i < num_elem; i++) {
 		if (!EVP_DigestUpdate(ctx, addr[i], len[i])) {
-			fprintf(stderr, stderr, "OpenSSL: EVP_DigestUpdate failed: %s",
+			fprintf(stderr, "OpenSSL: EVP_DigestUpdate failed: %s",
 				ERR_error_string(ERR_get_error(), NULL));
 			EVP_MD_CTX_free(ctx);
 			return -1;
 		}
 	}
 	if (!EVP_DigestFinal(ctx, mac, &mac_len)) {
-		fprintf(stderr, stderr, "OpenSSL: EVP_DigestFinal failed: %s",
+		fprintf(stderr, "OpenSSL: EVP_DigestFinal failed: %s",
 			ERR_error_string(ERR_get_error(), NULL));
 		EVP_MD_CTX_free(ctx);
 		return -1;
diff --git a/src/debug.c b/src/debug.c
index 64ee650d8f0d544f1d8c3fbadb93f78244d0fb90..6b1dd3b41b101e5bab451f96d86cc4ae01b48f77 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -118,7 +118,7 @@ void log_message(int level, const char *fmt, ...)
 
 	if (outfile) {
 		fprintf(outfile, "[%d]: ", getpid());
-		vfprintf(outfile, fmt, args);
+		vfprintf(outfile, fmt, args); /* Flawfinder: ignore */
 	}
 
 	if (logfile_isfifo && ffd)
diff --git a/src/i1905.c b/src/i1905.c
index 73cd8dd91fc07f72d384f06630edf6e7a5aac144..ce88026edcb7bee1dd7910ffb0197ae4bea31364 100644
--- a/src/i1905.c
+++ b/src/i1905.c
@@ -208,21 +208,21 @@ static void i1905_set_ebtable_rules(uint8_t *if_macaddr, uint8_t *aladdr)
 
 
 	/* bypass bridge flow for 1905 unicast to interface */
-	snprintf(cmd, 511, fmt, MAC2STR(if_macaddr));
+	snprintf(cmd, 511, fmt, MAC2STR(if_macaddr)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 
 	/* bypass bridge flow for CMDUs to our AL-address */
 	memset(cmd, 0, sizeof(cmd));
-	snprintf(cmd, 511, fmt, MAC2STR(aladdr));
+	snprintf(cmd, 511, fmt, MAC2STR(aladdr)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 
 	/* bypass bridge flow for 1905 multicast CMDUs */
 	memset(cmd, 0, sizeof(cmd));
-	snprintf(cmd, 511, fmt, MAC2STR(MCAST_1905));
+	snprintf(cmd, 511, fmt, MAC2STR(MCAST_1905)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 }
 
 static void i1905_clear_ebtable_rules(uint8_t *if_macaddr, uint8_t *aladdr)
@@ -232,19 +232,19 @@ static void i1905_clear_ebtable_rules(uint8_t *if_macaddr, uint8_t *aladdr)
 		"ebtables -t broute -D BROUTING -d " MACFMT " -p 0x893a -j DROP";
 
 
-	snprintf(cmd, 511, fmt, MAC2STR(if_macaddr));
+	snprintf(cmd, 511, fmt, MAC2STR(if_macaddr)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 
 	memset(cmd, 0, sizeof(cmd));
-	snprintf(cmd, 511, fmt, MAC2STR(aladdr));
+	snprintf(cmd, 511, fmt, MAC2STR(aladdr)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 
 	memset(cmd, 0, sizeof(cmd));
-	snprintf(cmd, 511, fmt, MAC2STR(MCAST_1905));
+	snprintf(cmd, 511, fmt, MAC2STR(MCAST_1905)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 }
 
 static void i1905_bypass_bridge_flow(uint8_t *macaddr)
@@ -256,14 +256,14 @@ static void i1905_bypass_bridge_flow(uint8_t *macaddr)
 		"ebtables -t broute -I BROUTING 1 -d " MACFMT " -p 0x893a -j DROP";
 
 
-	snprintf(cmd, 511, clr, MAC2STR(macaddr));
+	snprintf(cmd, 511, clr, MAC2STR(macaddr)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 
 	memset(cmd, 0, sizeof(cmd));
-	snprintf(cmd, 511, set, MAC2STR(macaddr));
+	snprintf(cmd, 511, set, MAC2STR(macaddr)); /* Flawfinder: ignore */
 	dbg("%s\n", cmd);
-	system(cmd);
+	system(cmd); /* Flawfinder: ignore */
 }
 
 static struct i1905_interface *i1905_alloc_interface(struct i1905_private *priv,
@@ -2095,7 +2095,7 @@ int i1905_init(void **priv, void *opts)
 
 
 	INIT_LIST_HEAD(&p->extlist);
-	sprintf(p->al_ifname, "%s", "i1905");	//TODO:
+	snprintf(p->al_ifname, 16, "%s", "i1905");	//TODO:
 
 	uloop_init();
 	p->ctx = ubus_connect(uopts->ubus_sockpath);
@@ -2212,7 +2212,7 @@ int i1905_main(void *user_options)
 
 	ret = i1905_init(&i1905_handle, opts);
 	if (ret) {
-		fprintf(stderr, IEEE1905_OBJECT ": Failed to init.\n");
+		fprintf(stderr, "%s : Failed to init.\n", IEEE1905_OBJECT);
 		return -1;
 	}
 
diff --git a/src/i1905_ubus.c b/src/i1905_ubus.c
index c2dee8b05f66b47dc938acf86d2fe1e9d45d7940..336880f0b2c73ed8f21ccd57b38ef40063ddff6e 100644
--- a/src/i1905_ubus.c
+++ b/src/i1905_ubus.c
@@ -1395,7 +1395,7 @@ int i1905_publish_interface_objects(struct i1905_private *p)
 	list_for_each_entry(iface, &p->dm.self.iflist, list) {
 
 		priv = (struct i1905_interface_private *)iface->priv;
-		snprintf(objname, 63, IEEE1905_OBJECT".al.%s", iface->ifname);
+		snprintf(objname, 63, "%s.al.%s", IEEE1905_OBJECT, iface->ifname);
 		add_iface_methods(&priv->obj);
 
 		priv->obj.name = strdup(objname);
@@ -1638,7 +1638,7 @@ int i1905_publish_interface_object(struct i1905_private *priv, const char *ifnam
 			continue;
 
 		ifpriv = (struct i1905_interface_private *)iface->priv;
-		snprintf(objname, 63, IEEE1905_OBJECT".al.%s", iface->ifname);
+		snprintf(objname, 63, "%s.al.%s", IEEE1905_OBJECT, iface->ifname);
 		add_iface_methods(&ifpriv->obj);
 		ifpriv->obj.name = strdup(objname);
 		ifpriv->obj_type.name = ifpriv->obj.name;
diff --git a/src/i1905_wsc.c b/src/i1905_wsc.c
index 4f2942e4ecdb3b7cfc9c6e096408427aa0e42d47..943379ddda986cc8d5a845d91d9b97e1f3a9583b 100644
--- a/src/i1905_wsc.c
+++ b/src/i1905_wsc.c
@@ -64,50 +64,6 @@ do {					\
 	b += s;				\
 } while(0)
 
-/** Print ssid to stderr
- *
- * @param[in] fmt desired output format.
- * @param[in] len length of desired format (not including SSID).
- * @param[in] ssid pointer to SSID data.
- * @return 0 on Success, -1 or any other value on error.
- */
-int print_ssid(char *fmt, uint32_t len, uint8_t *ssid)
-{
-	char ssid_buf[33] = {0};
-	char fmt_buf[256] = {0};
-
-	if (len > (255 - 32))
-		return -1;
-
-	memcpy(ssid_buf, ssid, 32);
-	snprintf(fmt_buf, 256, fmt, ssid);
-	fprintf(stderr, "%s", fmt_buf);
-
-	return 0;
-}
-
-/** Print network key to stderr
- *
- * @param[in] fmt desired output format.
- * @param[in] len length of desired format (not including network key).
- * @param[in] key pointer to network key data.
- * @return 0 on Success, -1 or any other value on error.
- */
-int print_key(char *fmt, uint32_t len, uint8_t *key)
-{
-	char key_buf[65] = {0};
-	char fmt_buf[256] = {0};
-
-	if (len > (255 - 64))
-		return -1;
-
-	memcpy(key_buf, key, 32);
-	snprintf(fmt_buf, 256, fmt, key);
-	fprintf(stderr, "%s", fmt_buf);
-
-	return 0;
-}
-
 
 int wsc_put_u8(uint8_t **p, size_t *remain, uint16_t attr, uint8_t data)
 {
@@ -706,14 +662,15 @@ int wsc_build_m2(uint8_t *m1, uint16_t m1_size, struct wps_credential *cred,
 			return -1;
 		}
 
+#if 0
 		fprintf(stderr, "AP configuration settings --->\n");
-		fprintf(stderr, "\tssid           : %s\n", cred->ssid);	// print_ssid()
+		fprintf(stderr, "\tssid           : %s\n", cred->ssid);
 		fprintf(stderr, "\tbssid          : " MACFMT "\n", MAC2STR(cred->macaddr));
 		fprintf(stderr, "\tauth_type      : 0x%04x\n", cred->auth_type);
 		fprintf(stderr, "\tenc_type       : 0x%04x\n", cred->enc_type);
-		fprintf(stderr, "\tkey            : %s\n", cred->key);	// print_key()
+		fprintf(stderr, "\tkey            : %s\n", cred->key);
 		fprintf(stderr, "\tmap_extension  : 0x%02x\n", cred->mapie);
-
+#endif
 
 		/* user passed vendor extension buffer starting with oui */
 		if (ven && venlen > 0 && venlen < rlen) {
diff --git a/src/neigh.c b/src/neigh.c
index 800e13c9aa6c34eb6d53adb862db4eb5c748d980..8b2803daf24a30b5d6f80558ef32eba6536c667b 100644
--- a/src/neigh.c
+++ b/src/neigh.c
@@ -94,7 +94,7 @@ static void neigh_probing_timer_run(atimer_t *t)
 
 		inet_ntop(x->ip.family, &x->ip.addr, ipbuf, sizeof(ipbuf));
 		snprintf(cmd, 255, "arping -c 2 -w 1 %s &", ipbuf);
-		system(cmd);
+		system(cmd); /* Flawfinder: ignore */
 	}
 }