diff --git a/ChangeLog b/ChangeLog
index 0c9b86d18..fd8686322 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2012-02-22  Vladimir Serbinenko  <phcoder@gmail.com>
+
+	* grub-core/fs/affs.c (grub_affs_read_block): Avoid <= in loop
+	condition to avoid possibly infinite loops.
+	* grub-core/lib/pbkdf2.c (grub_crypto_pbkdf2): Likewise.
+	* grub-core/lib/xzembed/xz_dec_bcj.c (bcj_powerpc): Likewise.
+
 2012-02-22  Vladimir Serbinenko  <phcoder@gmail.com>
 
 	* grub-core/normal/charset.c (bidi_line_wrap): Avoid <= in loop
diff --git a/grub-core/fs/affs.c b/grub-core/fs/affs.c
index 7c7813729..4ebdbd5e4 100644
--- a/grub-core/fs/affs.c
+++ b/grub-core/fs/affs.c
@@ -143,7 +143,7 @@ grub_affs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
   mod = (grub_uint32_t) fileblock % data->htsize;
   /* Find the block that points to the fileblock we are looking up by
      following the chain until the right table is reached.  */
-  for (curblock = node->last_block_cache + 1; curblock <= target; curblock++)
+  for (curblock = node->last_block_cache + 1; curblock < target + 1; curblock++)
     {
       grub_disk_read (data->disk,
 		      node->block_cache[curblock - 1] + data->blocksize - 1,
diff --git a/grub-core/lib/pbkdf2.c b/grub-core/lib/pbkdf2.c
index beac3c3d6..b4c69a179 100644
--- a/grub-core/lib/pbkdf2.c
+++ b/grub-core/lib/pbkdf2.c
@@ -70,13 +70,13 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
 
   grub_memcpy (tmp, S, Slen);
 
-  for (i = 1; i <= l; i++)
+  for (i = 1; i - 1 < l; i++)
     {
       grub_memset (T, 0, hLen);
 
-      for (u = 1; u <= c; u++)
+      for (u = 0; u < c; u++)
 	{
-	  if (u == 1)
+	  if (u == 0)
 	    {
 	      tmp[Slen + 0] = (i & 0xff000000) >> 24;
 	      tmp[Slen + 1] = (i & 0x00ff0000) >> 16;
diff --git a/grub-core/lib/xzembed/xz_dec_bcj.c b/grub-core/lib/xzembed/xz_dec_bcj.c
index f517b0acc..bf6b5862e 100644
--- a/grub-core/lib/xzembed/xz_dec_bcj.c
+++ b/grub-core/lib/xzembed/xz_dec_bcj.c
@@ -168,7 +168,7 @@ static noinline_for_stack size_t bcj_powerpc(
 	size_t i;
 	uint32_t instr;
 
-	for (i = 0; i + 4 <= size; i += 4) {
+	for (i = 0; i + 3 < size; i += 4) {
 		instr = get_unaligned_be32(buf + i);
 		if ((instr & 0xFC000003) == 0x48000001) {
 			instr &= 0x03FFFFFC;