diff --git a/src/persist.c b/src/persist.c index c4430955..b8e2e484 100644 --- a/src/persist.c +++ b/src/persist.c @@ -412,16 +412,18 @@ static int _db_client_msg_restore(struct mosquitto_db *db, const char *client_id struct mosquitto_msg_store *store; struct mosquitto *context; - cmsg = _mosquitto_calloc(1, sizeof(struct mosquitto_client_msg)); + cmsg = _mosquitto_malloc(sizeof(struct mosquitto_client_msg)); if(!cmsg){ _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); return MOSQ_ERR_NOMEM; } + cmsg->next = NULL; cmsg->store = NULL; cmsg->mid = mid; cmsg->qos = qos; cmsg->retain = retain; + cmsg->timestamp = 0; cmsg->direction = direction; cmsg->state = state; cmsg->dup = dup; @@ -451,7 +453,6 @@ static int _db_client_msg_restore(struct mosquitto_db *db, const char *client_id }else{ context->msgs = cmsg; } - cmsg->next = NULL; context->last_msg = cmsg; return MOSQ_ERR_SUCCESS; @@ -472,13 +473,14 @@ static int _db_client_chunk_restore(struct mosquitto_db *db, FILE *db_fptr) fclose(db_fptr); return 1; } - client_id = _mosquitto_calloc(slen+1, sizeof(char)); + client_id = _mosquitto_malloc(slen+1); if(!client_id){ fclose(db_fptr); _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); return MOSQ_ERR_NOMEM; } read_e(db_fptr, client_id, slen); + client_id[slen] = '\0'; read_e(db_fptr, &i16temp, sizeof(uint16_t)); last_mid = ntohs(i16temp); @@ -522,13 +524,14 @@ static int _db_client_msg_chunk_restore(struct mosquitto_db *db, FILE *db_fptr) fclose(db_fptr); return 1; } - client_id = _mosquitto_calloc(slen+1, sizeof(char)); + client_id = _mosquitto_malloc(slen+1); if(!client_id){ fclose(db_fptr); _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); return MOSQ_ERR_NOMEM; } read_e(db_fptr, client_id, slen); + client_id[slen] = '\0'; read_e(db_fptr, &i64temp, sizeof(dbid_t)); store_id = i64temp; 
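Review bot: Switching `cmsg` from `_mosquitto_calloc` to `_mosquitto_malloc` in `_db_client_msg_restore` leaves every member of `struct mosquitto_client_msg` that is not assigned by hand holding uninitialised heap data. The hunk adds `cmsg->next = NULL;` and `cmsg->timestamp = 0;`, but the struct definition is outside this diff, so full coverage cannot be confirmed from here, and a member added later would be silently missed. Either keep the zeroing allocation or add `memset(cmsg, 0, sizeof(*cmsg));` directly after the NULL check, before the field assignments. The function body continues outside the hunk.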
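Review bot: In `_db_client_chunk_restore`, `client_id` is not a valid C string between `_mosquitto_malloc(slen+1)` and the new `client_id[slen] = '\0';`, because the terminator is written only after `read_e` completes. `read_e` is defined outside this diff; if it leaves the function on a short read, as its unchecked use here suggests, any failure-path code that logs or compares `client_id` would read uninitialised heap where the calloc'd buffer used to be all zeros. Writing the terminator before the read, `client_id[slen] = '\0';` directly after the NULL check, keeps the buffer bounded on every path. `slen` comes from the persistence file and is best treated as untrusted. The same ordering appears for `client_id`, `source_id` and `topic` in the hunks at -522, -572, -589/-597, -672 and -689.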
@@ -572,13 +575,14 @@ static int _db_msg_store_chunk_restore(struct mosquitto_db *db, FILE *db_fptr) read_e(db_fptr, &i16temp, sizeof(uint16_t)); slen = ntohs(i16temp); if(slen){ - source_id = _mosquitto_calloc(slen+1, sizeof(char)); + source_id = _mosquitto_malloc(slen+1); if(!source_id){ fclose(db_fptr); _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); return MOSQ_ERR_NOMEM; } read_e(db_fptr, source_id, slen); + source_id[slen] = '\0'; } read_e(db_fptr, &i16temp, sizeof(uint16_t)); source_mid = ntohs(i16temp); @@ -589,7 +593,7 @@ static int _db_msg_store_chunk_restore(struct mosquitto_db *db, FILE *db_fptr) read_e(db_fptr, &i16temp, sizeof(uint16_t)); slen = ntohs(i16temp); if(slen){ - topic = _mosquitto_calloc(slen+1, sizeof(char)); + topic = _mosquitto_malloc(slen+1); if(!topic){ fclose(db_fptr); if(source_id) _mosquitto_free(source_id); @@ -597,6 +601,7 @@ static int _db_msg_store_chunk_restore(struct mosquitto_db *db, FILE *db_fptr) return MOSQ_ERR_NOMEM; } read_e(db_fptr, topic, slen); + topic[slen] = '\0'; }else{ _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Invalid msg_store chunk when restoring persistent database."); fclose(db_fptr); @@ -672,16 +677,18 @@ static int _db_sub_chunk_restore(struct mosquitto_db *db, FILE *db_fptr) read_e(db_fptr, &i16temp, sizeof(uint16_t)); slen = ntohs(i16temp); - client_id = _mosquitto_calloc(slen+1, sizeof(char)); + client_id = _mosquitto_malloc(slen+1); if(!client_id){ fclose(db_fptr); _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); return MOSQ_ERR_NOMEM; } read_e(db_fptr, client_id, slen); + client_id[slen] = '\0'; + read_e(db_fptr, &i16temp, sizeof(uint16_t)); slen = ntohs(i16temp); - topic = _mosquitto_calloc(slen+1, sizeof(char)); + topic = _mosquitto_malloc(slen+1); if(!topic){ fclose(db_fptr); _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); 
@@ -689,6 +696,8 @@ static int _db_sub_chunk_restore(struct mosquitto_db *db, FILE *db_fptr) return MOSQ_ERR_NOMEM; } read_e(db_fptr, topic, slen); + topic[slen] = '\0'; + read_e(db_fptr, &qos, sizeof(uint8_t)); if(_db_restore_sub(db, client_id, topic, qos)){ rc = 1; diff --git a/src/read_handle.c b/src/read_handle.c index 71bcfd9a..2679ffc2 100644 --- a/src/read_handle.c +++ b/src/read_handle.c @@ -138,12 +138,14 @@ int mqtt3_handle_publish(struct mosquitto_db *db, struct mosquitto *context) if(cur_topic->local_prefix){ /* This prefix needs adding. */ len = strlen(topic) + strlen(cur_topic->local_prefix)+1; - topic_temp = _mosquitto_calloc(len+1, sizeof(char)); + topic_temp = _mosquitto_malloc(len+1); if(!topic_temp){ _mosquitto_free(topic); return MOSQ_ERR_NOMEM; } snprintf(topic_temp, len, "%s%s", cur_topic->local_prefix, topic); + topic_temp[len] = '\0'; + _mosquitto_free(topic); topic = topic_temp; } @@ -172,12 +174,14 @@ int mqtt3_handle_publish(struct mosquitto_db *db, struct mosquitto *context) #endif if(context->listener && context->listener->mount_point){ len = strlen(context->listener->mount_point) + strlen(topic) + 1; - topic_mount = _mosquitto_calloc(len, sizeof(char)); + topic_mount = _mosquitto_malloc(len+1); if(!topic_mount){ _mosquitto_free(topic); return MOSQ_ERR_NOMEM; } snprintf(topic_mount, len, "%s%s", context->listener->mount_point, topic); + topic_mount[len] = '\0'; + _mosquitto_free(topic); topic = topic_mount; } diff --git a/src/read_handle_server.c b/src/read_handle_server.c index 546099d5..bc2867c7 100644 --- a/src/read_handle_server.c +++ b/src/read_handle_server.c 
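Review bot: The added `topic_temp[len] = '\0';` in `mqtt3_handle_publish` (hunk at -138) does not terminate the string: `snprintf(topic_temp, len, ...)` already writes its NUL within the first `len` bytes, and `len` already counts the terminator (`strlen(topic) + strlen(cur_topic->local_prefix)+1`). The extra byte and store are harmless, but the allocation size and the size passed to `snprintf` now disagree, which is easy to get wrong on the next edit. I would allocate exactly what is formatted, `topic_temp = _mosquitto_malloc(len);`, and drop the manual terminator, or pass the real size with `snprintf(topic_temp, len+1, ...)`. The same pattern is in the `topic_mount` hunk at -172 and in `sub_mount` in `mqtt3_handle_subscribe` (src/read_handle_server.c, -651), and the return value of `snprintf` is unchecked in all three.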
@@ -651,13 +651,15 @@ int mqtt3_handle_subscribe(struct mosquitto_db *db, struct mosquitto *context) } if(context->listener && context->listener->mount_point){ len = strlen(context->listener->mount_point) + strlen(sub) + 1; - sub_mount = _mosquitto_calloc(len, sizeof(char)); + sub_mount = _mosquitto_malloc(len+1); if(!sub_mount){ _mosquitto_free(sub); if(payload) _mosquitto_free(payload); return MOSQ_ERR_NOMEM; } snprintf(sub_mount, len, "%s%s", context->listener->mount_point, sub); + sub_mount[len] = '\0'; + _mosquitto_free(sub); sub = sub_mount; diff --git a/src/subs.c b/src/subs.c index ffdd18f6..2855def0 100644 --- a/src/subs.c +++ b/src/subs.c @@ -200,11 +200,12 @@ static int _sub_topic_tokenise(const char *subtopic, struct _sub_token **topics) stop = i; if(start != stop){ - tlen = stop-start + 1; + tlen = stop-start; - topic = _mosquitto_calloc(tlen, sizeof(char)); + topic = _mosquitto_malloc(tlen+1); if(!topic) goto cleanup; - memcpy(topic, &subtopic[start], tlen-1); + memcpy(topic, &subtopic[start], tlen); + topic[tlen] = '\0'; }else{ topic = _mosquitto_strdup(""); if(!topic) goto cleanup;