diff --git a/CHANGES b/CHANGES
index f59a401151..d2ff4c27c2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,12 @@
 
+2.1-331 | 2013-03-06 14:54:33 -0800
+
+  * Fix possible null pointer dereference in identify_data BIF. Also
+    centralized libmagic calls for consistent error handling/output.
+    (Jon Siwek)
+
+  * Fix build on OpenBSD 5.2. (Jon Siwek)
+
 2.1-328 | 2013-02-05 01:34:29 -0500
 
   * New script to query the ICSI Certificate Notary 
diff --git a/VERSION b/VERSION
index 70056e0c53..81ccc15530 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.1-328
+2.1-331
diff --git a/src/FileAnalyzer.cc b/src/FileAnalyzer.cc
index d4064e8144..172f1aaa1d 100644
--- a/src/FileAnalyzer.cc
+++ b/src/FileAnalyzer.cc
@@ -2,6 +2,7 @@
 
 #include "FileAnalyzer.h"
 #include "Reporter.h"
+#include "util.h"
 
 magic_t File_Analyzer::magic = 0;
 magic_t File_Analyzer::magic_mime = 0;
@@ -11,11 +12,8 @@ File_Analyzer::File_Analyzer(Connection* conn)
 	{
 	buffer_len = 0;
 
-	if ( ! magic )
-		{
-		InitMagic(&magic, MAGIC_NONE);
-		InitMagic(&magic_mime, MAGIC_MIME);
-		}
+	bro_init_magic(&magic, MAGIC_NONE);
+	bro_init_magic(&magic_mime, MAGIC_MIME);
 	}
 
 void File_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
@@ -49,10 +47,10 @@ void File_Analyzer::Identify()
 	const char* mime = 0;
 
 	if ( magic )
-		descr = magic_buffer(magic, buffer, buffer_len);
+		descr = bro_magic_buffer(magic, buffer, buffer_len);
 
 	if ( magic_mime )
-		mime = magic_buffer(magic_mime, buffer, buffer_len);
+		mime = bro_magic_buffer(magic_mime, buffer, buffer_len);
 
 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
@@ -61,18 +59,3 @@ void File_Analyzer::Identify()
 	vl->append(new StringVal(mime ? mime : "<unknown>"));
 	ConnectionEvent(file_transferred, vl);
 	}
-
-void File_Analyzer::InitMagic(magic_t* magic, int flags)
-	{
-	*magic = magic_open(flags);
-
-	if ( ! *magic )
-		reporter->Error("can't init libmagic: %s", magic_error(*magic));
-
-	else if ( magic_load(*magic, 0) < 0 )
-		{
-		reporter->Error("can't load magic file: %s", magic_error(*magic));
-		magic_close(*magic);
-		*magic = 0;
-		}
-	}
diff --git a/src/FileAnalyzer.h b/src/FileAnalyzer.h
index dcf9d22e8e..ac5c783e6b 100644
--- a/src/FileAnalyzer.h
+++ b/src/FileAnalyzer.h
@@ -29,8 +29,6 @@ protected:
 	char buffer[BUFFER_SIZE];
 	int buffer_len;
 
-	static void InitMagic(magic_t* magic, int flags);
-
 	static magic_t magic;
 	static magic_t magic_mime;
 };
diff --git a/src/bro.bif b/src/bro.bif
index 8cea9d9123..29aa178316 100644
--- a/src/bro.bif
+++ b/src/bro.bif
@@ -16,6 +16,7 @@
 #include "digest.h"
 #include "Reporter.h"
 #include "IPAddr.h"
+#include "util.h"
 
 using namespace std;
 
@@ -844,38 +845,21 @@ extern "C" {
 ## return_mime: If true, the function returns a short MIME type string (e.g.,
 ##              ``text/plain`` instead of a more elaborate textual description).
 ##
-## Returns: The MIME type of *data*.
+## Returns: The MIME type of *data*, or "<unknown>" if there was an error.
 function identify_data%(data: string, return_mime: bool%): string
 	%{
-	const char* descr = "";
-
 	static magic_t magic_mime = 0;
 	static magic_t magic_descr = 0;
 
 	magic_t* magic = return_mime ? &magic_mime : &magic_descr;
+	bro_init_magic(magic, return_mime ? MAGIC_MIME : MAGIC_NONE);
 
 	if( ! *magic )
-		{
-		*magic = magic_open(return_mime ? MAGIC_MIME : MAGIC_NONE);
+		return new StringVal("<unknown>");
 
-		if ( ! *magic )
-			{
-			reporter->Error("can't init libmagic: %s", magic_error(*magic));
-			return new StringVal("");
-			}
+	const char* desc = bro_magic_buffer(*magic, data->Bytes(), data->Len());
 
-		if ( magic_load(*magic, 0) < 0 )
-			{
-			reporter->Error("can't load magic file: %s", magic_error(*magic));
-			magic_close(*magic);
-			*magic = 0;
-			return new StringVal("");
-			}
-		}
-
-	descr = magic_buffer(*magic, data->Bytes(), data->Len());
-
-	return new StringVal(descr);
+	return new StringVal(desc ? desc : "<unknown>");
 	%}
 
 ## Performs an entropy test on the given data.
diff --git a/src/bro_inet_ntop.h b/src/bro_inet_ntop.h
index 00326b092e..c018403893 100644
--- a/src/bro_inet_ntop.h
+++ b/src/bro_inet_ntop.h
@@ -5,6 +5,7 @@
 extern "C" {
 #endif
 
+#include <sys/types.h>
 #include <sys/socket.h>
 
 const char * 
diff --git a/src/threading/SerialTypes.h b/src/threading/SerialTypes.h
index 60aee2411e..f4f0bc0957 100644
--- a/src/threading/SerialTypes.h
+++ b/src/threading/SerialTypes.h
@@ -2,6 +2,7 @@
 #ifndef THREADING_SERIALIZATIONTYPES_H
 #define THREADING_SERIALIZATIONTYPES_H
 
+#include <sys/types.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
diff --git a/src/util.cc b/src/util.cc
index c36ff6a31c..0051f9f6fe 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -1527,3 +1527,37 @@ void operator delete[](void* v)
 	}
 
 #endif
+
+void bro_init_magic(magic_t* cookie_ptr, int flags)
+	{
+	if ( ! cookie_ptr || *cookie_ptr )
+		return;
+
+	*cookie_ptr = magic_open(flags);
+
+	if ( ! *cookie_ptr )
+		{
+		const char* err = magic_error(*cookie_ptr);
+		reporter->Error("can't init libmagic: %s", err ? err : "unknown");
+		}
+
+	else if ( magic_load(*cookie_ptr, 0) < 0 )
+		{
+		const char* err = magic_error(*cookie_ptr);
+		reporter->Error("can't load magic file: %s", err ? err : "unknown");
+		magic_close(*cookie_ptr);
+		*cookie_ptr = 0;
+		}
+	}
+
+const char* bro_magic_buffer(magic_t cookie, const void* buffer, size_t length)
+	{
+	const char* rval = magic_buffer(cookie, buffer, length);
+	if ( ! rval )
+		{
+		const char* err = magic_error(cookie);
+		reporter->Error("magic_buffer error: %s", err ? err : "unknown");
+		}
+
+	return rval;
+	}
diff --git a/src/util.h b/src/util.h
index 7d65f42fa8..5d4115773d 100644
--- a/src/util.h
+++ b/src/util.h
@@ -15,6 +15,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <stdarg.h>
+#include <magic.h>
 #include "config.h"
 
 #if __STDC__
@@ -364,4 +365,7 @@ struct CompareString
 		}
 	};
 
+void bro_init_magic(magic_t* cookie_ptr, int flags);
+const char* bro_magic_buffer(magic_t cookie, const void* buffer, size_t length);
+
 #endif