diff --git a/.travis.yml b/.travis.yml
index b76e7b0..6e99d61 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -4,6 +4,8 @@ php:
   - 7.0
   - 7.1
   - 7.2
+  - 7.3
+  - 7.4
 
 notifications:
   email: false
@@ -17,4 +19,4 @@ before_script:
 
 # Run PHPs run-tests.php 
 script:
-    - ./travis/run-test.sh
\ No newline at end of file
+    - ./travis/run-test.sh
diff --git a/README.md b/README.md
index 79bc397..3227742 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@
 
 - PHP 7 +
 - PHP json extension, need to json extension before loading JWT extension.
-- OpenSSL (Version >= 1.0.1f) Might work with older version as well, but I did not check that.
+- OpenSSL (Version >= 1.1.0j) Might work with older version as well, but I did not check that.
 
 ## Install
 
@@ -25,14 +25,14 @@ $ make && make install
 
 ```php
 $key = "example-hmac-key";
-$payload = array(
+$payload = [
     "data" => [
         "name" => "ZiHang Gao",
         "admin" => true
     ],
     "iss" => "http://example.org",
     "sub" => "1234567890",
-);
+];
 
 // default HS256 algorithm
 $token = jwt_encode($payload, $key);
@@ -330,6 +330,38 @@ string jwt_encode(array $payload, string $key [, string $algorithm = 'HS256'])
 array jwt_decode(string $token, string $key [, array $options = ['algorithm' => 'HS256']])
 ```
 
+## IDE Helper
+
+```php
+<?php
+/**
+ * Put this file into root of your project for IDE helper
+ * Note: This file don't need to be require/include
+ */
+namespace {
+    function jwt_encode(array $payload, string $key, string $algorithm = 'HS256'): string
+    {
+        return '';
+    }
+
+    function jwt_decode(string $token, string $key, string $algorithm = 'HS256'): array
+    {
+        return [];
+    }
+}
+
+namespace Cdoco {
+    // @codingStandardsIgnoreStart
+    abstract class JWT
+    // @codingStandardsIgnoreEnd
+    {
+        abstract public static function encode(array $payload, string $key, string $algorithm = 'HS256'): string;
+
+        abstract public static function decode(string $token, string $key, string $algorithm = 'HS256'): array;
+    }
+}
+```
+
 ## The algorithm of support
 
 algorithm|-|-|-
@@ -350,4 +382,4 @@ ECDSA|ES256|ES384|ES512
 PHP License 3.01. See the [LICENSE](LICENSE) file.
 
 [travis-url]: https://travis-ci.org/cdoco/php-jwt
-[travis-image]: https://travis-ci.org/cdoco/php-jwt.svg
\ No newline at end of file
+[travis-image]: https://travis-ci.org/cdoco/php-jwt.svg
diff --git a/config.m4 b/config.m4
index e2cd84b..8dc23bd 100644
--- a/config.m4
+++ b/config.m4
@@ -5,7 +5,7 @@ PHP_ARG_ENABLE(jwt, whether to enable jwt support,
   [  --enable-jwt             Enable jwt support])
 
 PHP_ARG_WITH(openssl, whether to use OpenSSL library,
-  [  --with-openssl[=DIR]     Ignore presence of OpenSSL library (requires OpenSSL >= 0.9.8)])
+  [  --with-openssl[=DIR]     Ignore presence of OpenSSL library (requires OpenSSL >= 1.1.0j)])
 
 if test "$PHP_JWT" != "no"; then
 
diff --git a/jwt.c b/jwt.c
index 2050769..3c98668 100644
--- a/jwt.c
+++ b/jwt.c
@@ -487,7 +487,8 @@ static void php_jwt_encode(INTERNAL_FUNCTION_PARAMETERS) {
     smart_str_free(&json_header);
     smart_str_free(&json_payload);
 
-    buf = (char *)emalloc(strlen(header_b64) + strlen(payload_b64) + 1);
+    int buflen = strlen(header_b64) + strlen(payload_b64) + 2;
+    buf = (char *)ecalloc(buflen, 1);
     strcpy(buf, header_b64);
     strcat(buf, ".");
     strcat(buf, payload_b64);
@@ -497,9 +498,11 @@ static void php_jwt_encode(INTERNAL_FUNCTION_PARAMETERS) {
 
     /* sign */
     if (jwt->alg == JWT_ALG_NONE) {
+	buflen += 1;
         /* alg none */
-        buf = (char *)erealloc(buf, strlen(buf) + 1);
+        buf = (char *)erealloc(buf, buflen);
         strcat(buf, ".");
+	buf[buflen] = '\0';
     } else {
         /* set jwt struct */
         jwt->key = key;
@@ -516,7 +519,8 @@ static void php_jwt_encode(INTERNAL_FUNCTION_PARAMETERS) {
         zend_string *sig_str = zend_string_init(sig, sig_len, 0);
         char *sig_b64 = jwt_b64_url_encode(sig_str);
 
-        char *tmp = (char *)emalloc(strlen(sig_b64) + strlen(buf) + 1);
+	buflen = strlen(sig_b64) + strlen(buf) + 2;
+        char *tmp = (char *)ecalloc(buflen, 1);
         sprintf(tmp, "%s.%s", buf, sig_b64);
 
         efree(buf);
@@ -534,11 +538,8 @@ static void php_jwt_encode(INTERNAL_FUNCTION_PARAMETERS) {
 
     jwt_free(jwt);
 
-    char *ret = alloca(strlen(buf));
-    strcpy(ret, buf);
+    RETVAL_STRINGL(buf, strlen(buf));
     efree(buf);
-
-    RETURN_STRING(ret);
 }
 
 /* Jwt decode */