diff --git a/SOURCES/pcsc-lite-1.8.8-coverity.patch b/SOURCES/pcsc-lite-1.8.8-coverity.patch
new file mode 100644
index 0000000..9207943
--- /dev/null
+++ b/SOURCES/pcsc-lite-1.8.8-coverity.patch
@@ -0,0 +1,114 @@
+diff -up ./src/configfile.l.coverity ./src/configfile.l
+--- ./src/configfile.l.coverity	2018-05-23 16:32:54.524430167 -0700
++++ ./src/configfile.l	2018-05-23 16:37:23.881925045 -0700
+@@ -191,9 +191,18 @@ int evaluatetoken(char *pcToken)
+ 		}
+ 		else
+ 		{
++			char *new_reader_list;
+ 			reader_list_size++;
+-			reader_list = realloc(reader_list, reader_list_size *
++			new_reader_list = realloc(reader_list, reader_list_size *
+ 				sizeof(SerialReader));
++			if (new_reader_list == NULL) {
++				free(reader_list);
++			}
++			reader_list = new_reader_list;
++		}
++		if (reader_list == NULL) {
++			tok_error("No Memory");
++			return 1;
+ 		}
+ 
+ 		/* end marker */
+diff -up ./src/sd-daemon.c.coverity ./src/sd-daemon.c
+--- ./src/sd-daemon.c.coverity	2018-05-23 16:28:02.571878672 -0700
++++ ./src/sd-daemon.c	2018-05-23 16:28:05.080883439 -0700
+@@ -95,7 +95,7 @@ _sd_export_ int sd_listen_fds(int unset_
+                 goto finish;
+         }
+ 
+-        if (!(e = getenv("LISTEN_FDS"))) {
++        if (!(e = secure_getenv("LISTEN_FDS"))) {
+                 r = 0;
+                 goto finish;
+         }
+diff -up ./src/winscard_clnt.c.coverity ./src/winscard_clnt.c
+--- ./src/winscard_clnt.c.coverity	2018-05-23 16:42:07.437434512 -0700
++++ ./src/winscard_clnt.c	2018-05-23 16:42:10.779440449 -0700
+@@ -1541,15 +1541,15 @@ retry:
+ 	if (SCARD_AUTOALLOCATE == dwReaderLen)
+ 	{
+ 		dwReaderLen = *pcchReaderLen;
+-		bufReader = malloc(dwReaderLen);
+-		if (NULL == bufReader)
++		if (NULL == mszReaderName)
+ 		{
+-			rv = SCARD_E_NO_MEMORY;
++			rv = SCARD_E_INVALID_PARAMETER;
+ 			goto end;
+ 		}
+-		if (NULL == mszReaderName)
++		bufReader = malloc(dwReaderLen);
++		if (NULL == bufReader)
+ 		{
+-			rv = SCARD_E_INVALID_PARAMETER;
++			rv = SCARD_E_NO_MEMORY;
+ 			goto end;
+ 		}
+ 		*(char **)mszReaderName = bufReader;
+@@ -1569,15 +1569,15 @@ retry:
+ 	if (SCARD_AUTOALLOCATE == dwAtrLen)
+ 	{
+ 		dwAtrLen = *pcbAtrLen;
+-		bufAtr = malloc(dwAtrLen);
+-		if (NULL == bufAtr)
++		if (NULL == pbAtr)
+ 		{
+-			rv = SCARD_E_NO_MEMORY;
++			rv = SCARD_E_INVALID_PARAMETER;
+ 			goto end;
+ 		}
+-		if (NULL == pbAtr)
++		bufAtr = malloc(dwAtrLen);
++		if (NULL == bufAtr)
+ 		{
+-			rv = SCARD_E_INVALID_PARAMETER;
++			rv = SCARD_E_NO_MEMORY;
+ 			goto end;
+ 		}
+ 		*(LPBYTE *)pbAtr = bufAtr;
+@@ -3098,15 +3098,15 @@ LONG SCardListReaderGroups(SCARDCONTEXT
+ 
+ 	if (SCARD_AUTOALLOCATE == *pcchGroups)
+ 	{
+-		buf = malloc(dwGroups);
+-		if (NULL == buf)
++		if (NULL == mszGroups)
+ 		{
+-			rv = SCARD_E_NO_MEMORY;
++			rv = SCARD_E_INVALID_PARAMETER;
+ 			goto end;
+ 		}
+-		if (NULL == mszGroups)
++		buf = malloc(dwGroups);
++		if (NULL == buf)
+ 		{
+-			rv = SCARD_E_INVALID_PARAMETER;
++			rv = SCARD_E_NO_MEMORY;
+ 			goto end;
+ 		}
+ 		*(char **)mszGroups = buf;
+diff -up ./src/winscard_svc.c.coverity ./src/winscard_svc.c
+--- ./src/winscard_svc.c.coverity	2018-05-23 16:30:31.037160692 -0700
++++ ./src/winscard_svc.c	2018-05-23 16:30:35.066168345 -0700
+@@ -856,7 +856,8 @@ static LONG MSGAddHandle(SCARDCONTEXT hC
+ 					"list_append failed with return value: %d", lrv);
+ 				retval = SCARD_E_NO_MEMORY;
+ 			}
+-			retval = SCARD_S_SUCCESS;
++			else
++				retval = SCARD_S_SUCCESS;
+ 		}
+ 
+ 		(void)pthread_mutex_unlock(&threadContext->cardsList_lock);
diff --git a/SOURCES/pcsc-lite-1.8.8-maxreaders.patch b/SOURCES/pcsc-lite-1.8.8-maxreaders.patch
index 1560549..469e5fe 100644
--- a/SOURCES/pcsc-lite-1.8.8-maxreaders.patch
+++ b/SOURCES/pcsc-lite-1.8.8-maxreaders.patch
@@ -1,6 +1,18 @@
+diff -up ./src/PCSC/pcsclite.h.in.maxreaders ./src/PCSC/pcsclite.h.in
+--- ./src/PCSC/pcsclite.h.in.maxreaders	2012-06-26 11:49:57.000000000 -0700
++++ ./src/PCSC/pcsclite.h.in	2018-05-23 12:52:27.745131988 -0700
+@@ -192,7 +192,7 @@ extern const SCARD_IO_REQUEST g_rgSCardT
+ 
+ #define PCSCLITE_VERSION_NUMBER		"@VERSION@"	/**< Current version */
+ /** Maximum readers context (a slot is count as a reader) */
+-#define PCSCLITE_MAX_READERS_CONTEXTS			16
++#define PCSCLITE_MAX_READERS_CONTEXTS			32
+ 
+ #define MAX_READERNAME			128
+ 
 diff -up ./src/PCSC/pcsclite.h.maxreaders ./src/PCSC/pcsclite.h
---- ./src/PCSC/pcsclite.h.maxreaders	2015-07-06 15:35:41.649580066 -0700
-+++ ./src/PCSC/pcsclite.h	2015-07-06 15:35:51.167402468 -0700
+--- ./src/PCSC/pcsclite.h.maxreaders	2018-05-23 11:59:28.172147622 -0700
++++ ./src/PCSC/pcsclite.h	2018-05-23 12:52:40.552151891 -0700
 @@ -192,7 +192,7 @@ extern const SCARD_IO_REQUEST g_rgSCardT
  
  #define PCSCLITE_VERSION_NUMBER		"1.8.8"	/**< Current version */
diff --git a/SPECS/pcsc-lite.spec b/SPECS/pcsc-lite.spec
index 709a885..1e7bf87 100644
--- a/SPECS/pcsc-lite.spec
+++ b/SPECS/pcsc-lite.spec
@@ -2,7 +2,7 @@
 
 Name:           pcsc-lite
 Version:        1.8.8
-Release:        7%{?dist}
+Release:        8%{?dist}
 Summary:        PC/SC Lite smart card framework and applications
 
 Group:          System Environment/Daemons
@@ -12,6 +12,7 @@ Source0:        http://alioth.debian.org/download.php/%{upstream_build}/%{name}-
 Patch1:		pcsc-lite-1.8.8-man-update.patch
 Patch2:		pcsc-lite-1.8.8-maxreaders.patch
 Patch3:		pcsc-lite-1.8.8-no-hang-systemd.patch
+Patch4:		pcsc-lite-1.8.8-coverity.patch
 
 BuildRequires:  doxygen
 BuildRequires:  graphviz
@@ -63,6 +64,7 @@ Requires:       %{name}-libs = %{version}-%{release}
 %patch1 -p 0 -b .man-update
 %patch2 -p 0 -b .maxreaders
 %patch3 -p 1 -b .no-hand-systemd
+%patch4 -p 0 -b .coverity
 
 # Convert to utf-8
 for file in ChangeLog; do
@@ -139,6 +141,10 @@ rm $RPM_BUILD_ROOT%{_docdir}/pcsc-lite/README.DAEMON
 
 
 %changelog
+* Wed May 23 2018 Robert Relyea <rrelyea@redhat.com> - 1.8.8-8
+- Fix coverity/CLAND/CPPChecks issues
+- Increase the number of supported readers for real.
+
 * Mon Oct 30 2017 Robert Relyea <rrelyea@redhat.com> - 1.8.8-7
 - Don't hang if the daemon is blocked by systemd
 - Make sure we have a new enough systemd-devel to have the udev headers