diff --git a/drbg.h b/drbg.h
index be926b12..8241d031 100644
--- a/drbg.h
+++ b/drbg.h
@@ -207,6 +207,9 @@ public:
         size_t nonceLength=0, const byte* personalization=NULLPTR, size_t personalizationLength=0)
         : NIST_DRBG(), m_c(SEEDLENGTH), m_v(SEEDLENGTH), m_reseed(0)
     {
+        std::memset(m_c, 0x00, m_c.size());
+        std::memset(m_v, 0x00, m_v.size());
+
         if (entropy != NULLPTR && entropyLength != 0)
             DRBG_Instantiate(entropy, entropyLength, nonce, nonceLength, personalization, personalizationLength);
     }
@@ -324,6 +327,9 @@ public:
         size_t nonceLength=0, const byte* personalization=NULLPTR, size_t personalizationLength=0)
         : NIST_DRBG(), m_k(HASH::DIGESTSIZE), m_v(HASH::DIGESTSIZE), m_reseed(0)
     {
+        std::memset(m_k, 0x00, m_k.size());
+        std::memset(m_v, 0x00, m_v.size());
+
         if (entropy != NULLPTR && entropyLength != 0)
             DRBG_Instantiate(entropy, entropyLength, nonce, nonceLength, personalization, personalizationLength);
     }
diff --git a/misc.h b/misc.h
index 7a12175f..52ece09c 100644
--- a/misc.h
+++ b/misc.h
@@ -1225,9 +1225,16 @@ CRYPTOPP_DLL void CRYPTOPP_API CallNewHandler();
 /// \note The function is not constant time because it stops processing when the carry is 0.
 inline void IncrementCounterByOne(byte *inout, unsigned int size)
 {
-	CRYPTOPP_ASSERT(inout != NULLPTR); CRYPTOPP_ASSERT(size < INT_MAX);
-	for (int i=int(size-1), carry=1; i>=0 && carry; i--)
-		carry = !++inout[i];
+	unsigned int carry=1;
+	while (carry && size != 0)
+	{
+		// On wrap inout[n] equals 0
+		carry = ! ++inout[size-1];
+		size--;
+	}
+
+	if (carry && size == 0)
+		inout[0]++;
 }
 
 /// \brief Performs an addition with carry on a block of bytes
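Review bot: The two std::memset calls on m_c and m_v, and the matching pair on m_k and m_v in the Hash_DRBG constructor hunk at @@ -324, carry no comment explaining why the state is zeroed, and a reader will note that on the normal path DRBG_Instantiate runs right after and overwrites the same buffers; the zeroing therefore only has an effect when the constructor is called without entropy, and that intent should be stated. Suggested comment above the first memset in each constructor: `// Zero the state up front so it is well-defined when no entropy is supplied and DRBG_Instantiate is skipped.` The calls also rely on the block type's implicit conversion to a byte pointer and on <cstring> being visible in this header, neither of which the hunk shows; if the block type offers its own fill or clean-allocate routine it would avoid both dependencies. Both constructors begin before their hunk, so the full parameter list is not visible here.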
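Review bot: The trailing `if (carry && size == 0) inout[0]++;` is a defect: when every byte wraps (the counter was all 0xFF) the loop has already left all bytes at zero, which is the correct modulo result, and this branch then sets the most significant byte to 1; and when size is 0 on entry the loop never runs, carry is still 1, and the branch writes one byte past an empty buffer, which the removed for loop (whose `int(size-1)` of -1 kept the body unreachable) never did. Remove those two lines, and restore the null-pointer check the hunk drops by making `CRYPTOPP_ASSERT(inout != NULLPTR);` the first statement of the body; the dropped `size < INT_MAX` assertion is no longer needed now that the index is unsigned. The loop comment `// On wrap inout[n] equals 0` would read more accurately as `// On wrap inout[size-1] equals 0, so carry propagates to the next byte`.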