diff --git a/libr/bin/p/bin_nro.c b/libr/bin/p/bin_nro.c
index 976c149459..ee2632bcc1 100644
--- a/libr/bin/p/bin_nro.c
+++ b/libr/bin/p/bin_nro.c
@@ -108,7 +108,7 @@ static const char *readString(RBuffer *buf, int off) {
 }
 
 static ut64 baddr(RBinFile *arch) {
-	return readLE32 (arch->buf, NRO_OFFSET_MODMEMOFF);
+	return arch? readLE32 (arch->buf, NRO_OFFSET_MODMEMOFF): 0;
 }
 
 static const char *fileType(const ut8 *buf) {
diff --git a/libr/core/graph.c b/libr/core/graph.c
index 0da5889199..fd26c3d9d8 100644
--- a/libr/core/graph.c
+++ b/libr/core/graph.c
@@ -2002,14 +2002,13 @@ static int get_cgnodes(RAGraph *g, RCore *core, RAnalFunction *fcn) {
 	if (!f) {
 		return false;
 	}
+	if (!fcn) {
+		fcn = f;
+	}
 
 	r_core_seek (core, f->addr, 1);
 
-	if (fcn) {
-		title = get_title (fcn->addr);
-	} else {
-		title = r_str_newf ("0x%08"PFMT64x, core->offset);
-	}
+	title = get_title (fcn->addr);
 	fcn_anode = r_agraph_add_node (g, title, "");
 
 	free (title);
diff --git a/shlr/java/class.c b/shlr/java/class.c
index e9442c0a03..870347ec0d 100644
--- a/shlr/java/class.c
+++ b/shlr/java/class.c
@@ -8739,9 +8739,10 @@ R_API int U(r_bin_java_double_cp_set)(RBinJavaObj * bin, ut16 idx, ut32 val) {
 	}
 	r_bin_java_check_reset_cp_obj (cp_obj, R_BIN_JAVA_CP_DOUBLE);
 	cp_obj->tag = R_BIN_JAVA_CP_DOUBLE;
-	memcpy (bytes, (const char *) &val, 8);
-	val = r_bin_java_raw_to_long (bytes, 0);
-	memcpy (&cp_obj->info.cp_double.bytes.raw, (const char *) &val, 8);
+	ut64 val64 = val;
+	memcpy (bytes, (const char *) &val64, 8);
+	val64 = r_bin_java_raw_to_long (bytes, 0);
+	memcpy (&cp_obj->info.cp_double.bytes.raw, (const char *) &val64, 8);
 	return true;
 }
 
@@ -8898,21 +8899,39 @@ R_API ut8 *U(r_bin_java_cp_append_ref_cname_fname_ftype)(RBinJavaObj * bin, ut32
 			}
 			bytes = calloc (1, total_len);
 			// class name bytes
+			if (*out_sz + cn_len >= total_len) {
+				goto beach;
+			}
 			memcpy (bytes, cn_bytes + *out_sz, cn_len);
 			*out_sz += cn_len;
 			// field name bytes
+			if (*out_sz + fn_len >= total_len) {
+				goto beach;
+			}
 			memcpy (bytes, fn_bytes + *out_sz, fn_len);
 			*out_sz += fn_len;
 			// field type bytes
+			if (*out_sz + ft_len >= total_len) {
+				goto beach;
+			}
 			memcpy (bytes, ft_bytes + *out_sz, ft_len);
 			*out_sz += ft_len;
 			// class ref bytes
+			if (*out_sz + cref_len >= total_len) {
+				goto beach;
+			}
 			memcpy (bytes, cref_bytes + *out_sz, cref_len);
 			*out_sz += fn_len;
 			// field name and type bytes
+			if (*out_sz + fnt_len >= total_len) {
+				goto beach;
+			}
 			memcpy (bytes, fnt_bytes + *out_sz, fnt_len);
 			*out_sz += fnt_len;
 			// field ref bytes
+			if (*out_sz + fref_len >= total_len) {
+				goto beach;
+			}
 			memcpy (bytes, fref_bytes + *out_sz, fref_len);
 			*out_sz += fref_len;
 		}