diff --git a/src/pk.c b/src/pk.c
index 8842a89a76..14ef0dd9c4 100644
--- a/src/pk.c
+++ b/src/pk.c
@@ -15745,8 +15745,7 @@ int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
  * @param [in] header  Encryption header.
  * @param [in] data    DER data.
  * @param [in] len     Length of DER data.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
+ * @return  0 on failure.
  */
 int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name,
     const char *header, const unsigned char *data, long len)
@@ -15757,23 +15756,21 @@ int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name,
 
     /* Validate parameters. */
     if ((bio == NULL) || (name == NULL) || (header == NULL) || (data == NULL)) {
-        err = 1;
+        err = BAD_FUNC_ARG;
     }
 
     /* Encode into a buffer. */
-    if ((!err) && (pem_write_data(name, header, data, len, &pem, &pemLen) !=
-            0)) {
-        pemLen = 0;
-        err = 1;
+    if (!err) {
+        err = pem_write_data(name, header, data, len, &pem, &pemLen);
     }
 
     /* Write PEM into BIO. */
     if ((!err) && (wolfSSL_BIO_write(bio, pem, pemLen) != (int)pemLen)) {
-        pemLen = 0;
+        err = IO_FAILED_E;
     }
 
     XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return pemLen;
+    return (!err) ? pemLen : 0;
 }
 #endif /* !NO_BIO */
 
diff --git a/wolfcrypt/src/cmac.c b/wolfcrypt/src/cmac.c
index 49ab1657c2..460d02a078 100644
--- a/wolfcrypt/src/cmac.c
+++ b/wolfcrypt/src/cmac.c
@@ -211,7 +211,7 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
     /* Clear CRYPTOCB_UNAVAILABLE return code */
     ret = 0;
 
-    while (inSz != 0) {
+    while ((ret == 0) && (inSz != 0)) {
         word32 add = min(inSz, AES_BLOCK_SIZE - cmac->bufferSz);
         XMEMCPY(&cmac->buffer[cmac->bufferSz], in, add);