in FLAC__MD5Final, I see the following line of code memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ ctx is a pointer, so sizeof(ctx) will be 4 or 8. I believe the intent is for the line to be memset(ctx, 0, sizeof(*ctx)); Am I correct? This is a non-critical issue, I think. I'm not even sure the purpose of this. It appears to be for zeroing out the passed in data structure, but it's only zeroing out the first 4 bytes (or 8 on 64bit platforms) -Ben Allison Nullsoft, Inc.