diff --git a/src/auth/password-scheme-sodium.c b/src/auth/password-scheme-sodium.c
index b502fc5cfa..3e2f6bdf1d 100644
--- a/src/auth/password-scheme-sodium.c
+++ b/src/auth/password-scheme-sodium.c
@@ -38,7 +38,7 @@ generate_argon2id(const char *plaintext, const struct password_generate_params *
 	unsigned long long rounds = params->rounds;
 	size_t memlimit;
 	char result[crypto_pwhash_argon2id_STRBYTES];
-	i_zero(result);
+	i_zero(&result);
 
 	if (rounds == 0)
 		rounds = crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE;
diff --git a/src/lib-master/master-service-haproxy.c b/src/lib-master/master-service-haproxy.c
index a9a73e8f02..f1a3bfdc3d 100644
--- a/src/lib-master/master-service-haproxy.c
+++ b/src/lib-master/master-service-haproxy.c
@@ -301,7 +301,7 @@ master_service_haproxy_read(struct master_service_haproxy_conn *hpconn)
 	   with the first recv() call.
 	 */
 	i_zero(&buf);
-	i_zero(rbuf);
+	i_zero(&rbuf);
 
 	/* see if there is a HAPROXY protocol command waiting */
 	if ((ret = master_service_haproxy_recv(fd, &buf, sizeof(buf), MSG_PEEK))<=0) {