diff --git a/willow/src/api/client.rs b/willow/src/api/client.rs
index 66a61d3..3ed2c49 100644
--- a/willow/src/api/client.rs
+++ b/willow/src/api/client.rs
@@ -120,7 +120,7 @@ unsafe fn initialize_client(
     out: *mut *mut WillowShellClient,
 ) -> ffi::FfiStatus {
     WillowShellClient::new_from_serialized_config(config)
-        .map(|client| *out = Box::into_raw(Box::new(client)))
+        .map(|client| unsafe { *out = Box::into_raw(Box::new(client)) })
         .into()
 }
 
@@ -129,7 +129,7 @@ unsafe fn initialize_client(
 ///
 /// SAFETY: `ptr` must have been created by `Box::into_raw`, as in `initialize_client`.
 unsafe fn client_into_box(ptr: *mut WillowShellClient) -> Box<WillowShellClient> {
-    Box::from_raw(ptr)
+    unsafe { Box::from_raw(ptr) }
 }
 
 /// SAFETY: `out` must be valid for writes.
@@ -142,6 +142,6 @@ unsafe fn generate_contribution(
 ) -> ffi::FfiStatus {
     client
         .generate_contribution(data, public_key, nonce)
-        .map(|contribution| *out = contribution)
+        .map(|contribution| unsafe { *out = contribution })
         .into()
 }
diff --git a/willow/src/api/server_accumulator.rs b/willow/src/api/server_accumulator.rs
index 22439ee..0cd78c1 100644
--- a/willow/src/api/server_accumulator.rs
+++ b/willow/src/api/server_accumulator.rs
@@ -403,7 +403,7 @@ impl ServerAccumulator {
 
     /// SAFETY: `out` must be valid for writes.
     pub unsafe fn to_serialized_state_ffi(&self, out: *mut Vec<u8>) -> ffi::FfiStatus {
-        self.to_serialized_state().map(|result| *out = result).into()
+        self.to_serialized_state().map(|result| unsafe { *out = result }).into()
     }
 }
 
@@ -484,7 +484,7 @@ unsafe fn new_server_accumulator_from_serialized_config(
     out: *mut *mut ServerAccumulator,
 ) -> ffi::FfiStatus {
     ServerAccumulator::new_from_serialized_config(serialized_aggregation_config)
-        .map(|result| *out = Box::into_raw(Box::new(result)))
+        .map(|result| unsafe { *out = Box::into_raw(Box::new(result)) })
         .into()
 }
 
@@ -494,14 +494,14 @@ unsafe fn new_server_accumulator_from_serialized_state(
     out: *mut *mut ServerAccumulator,
 ) -> ffi::FfiStatus {
     ServerAccumulator::new_from_serialized_state(serialized_server_accumulator)
-        .map(|result| *out = Box::into_raw(Box::new(result)))
+        .map(|result| unsafe { *out = Box::into_raw(Box::new(result)) })
         .into()
 }
 
 // SAFETY:
 //   - `ptr` must have been created by Box::into_raw or one of the functions in this module.
 unsafe fn into_box(ptr: *mut ServerAccumulator) -> Box<ServerAccumulator> {
-    Box::from_raw(ptr)
+    unsafe { Box::from_raw(ptr) }
 }
 
 /// SAFETY:
@@ -509,7 +509,7 @@ unsafe fn into_box(ptr: *mut ServerAccumulator) -> Box<ServerAccumulator> {
 unsafe fn final_result_decryptor_into_box(
     ptr: *mut FinalResultDecryptor,
 ) -> Box<FinalResultDecryptor> {
-    Box::from_raw(ptr)
+    unsafe { Box::from_raw(ptr) }
 }
 
 /// Final result decryptor.
@@ -566,7 +566,7 @@ pub unsafe fn finalize_accumulator_ffi(
     out_final_result_decryptor_state: *mut Vec<u8>,
 ) -> ffi::FfiStatus {
     finalize_accumulator(*accumulator)
-        .map(|(decryption_request, final_result_decryptor_state)| {
+        .map(|(decryption_request, final_result_decryptor_state)| unsafe {
             *out_decryption_request = decryption_request;
             *out_final_result_decryptor_state = final_result_decryptor_state;
         })
@@ -629,7 +629,9 @@ impl FinalResultDecryptor {
         serialized_partial_decryption_response: cxx::UniquePtr<cxx::CxxString>,
         out: *mut Vec<ffi::EncodedDataEntry>,
     ) -> ffi::FfiStatus {
-        self.decrypt(serialized_partial_decryption_response).map(|result| *out = result).into()
+        self.decrypt(serialized_partial_decryption_response)
+            .map(|result| unsafe { *out = result })
+            .into()
     }
 }
 
@@ -639,6 +641,6 @@ unsafe fn create_final_result_decryptor_from_serialized(
     out: *mut *mut FinalResultDecryptor,
 ) -> ffi::FfiStatus {
     FinalResultDecryptor::new_from_serialized(serialized_proto)
-        .map(|result| *out = Box::into_raw(Box::new(result)))
+        .map(|result| unsafe { *out = Box::into_raw(Box::new(result)) })
         .into()
 }
diff --git a/willow/src/shell/parameters_utils.rs b/willow/src/shell/parameters_utils.rs
index b4f0203..fefd15f 100644
--- a/willow/src/shell/parameters_utils.rs
+++ b/willow/src/shell/parameters_utils.rs
@@ -71,7 +71,7 @@ unsafe fn create_human_readable_shell_config(
     out: *mut Vec<u8>,
 ) -> ffi::FfiStatus {
     create_human_readable_shell_config_impl(aggregation_config_proto)
-        .map(|result| *out = result)
+        .map(|result| unsafe { *out = result })
         .into()
 }
 
diff --git a/willow/src/testing_utils/shell_testing_decryptor.rs b/willow/src/testing_utils/shell_testing_decryptor.rs
index 307ebb3..a85150c 100644
--- a/willow/src/testing_utils/shell_testing_decryptor.rs
+++ b/willow/src/testing_utils/shell_testing_decryptor.rs
@@ -116,7 +116,7 @@ impl ShellTestingDecryptor {
 
     /// SAFETY: `out` must be valid for writes.
     unsafe fn generate_public_key_ffi(&mut self, out: *mut Vec<u8>) -> ffi::FfiStatus {
-        self.generate_public_key_serialized().map(|pk| *out = pk).into()
+        self.generate_public_key_serialized().map(|pk| unsafe { *out = pk }).into()
     }
 
     fn decrypt_serialized(
@@ -151,7 +151,7 @@ impl ShellTestingDecryptor {
         contribution: &[u8],
         out: *mut Vec<ffi::EncodedDataEntry>,
     ) -> ffi::FfiStatus {
-        self.decrypt_serialized(contribution).map(|result| *out = result).into()
+        self.decrypt_serialized(contribution).map(|result| unsafe { *out = result }).into()
     }
 
     fn generate_partial_decryption_response(
@@ -194,7 +194,7 @@ impl ShellTestingDecryptor {
         out: *mut Vec<u8>,
     ) -> ffi::FfiStatus {
         self.generate_partial_decryption_response_serialized(request)
-            .map(|response| *out = response)
+            .map(|response| unsafe { *out = response })
             .into()
     }
 }
@@ -268,7 +268,7 @@ unsafe fn create_shell_testing_decryptor(
     out: *mut *mut ShellTestingDecryptor,
 ) -> ffi::FfiStatus {
     create_shell_testing_decryptor_impl(config)
-        .map(|decryptor| *out = Box::into_raw(decryptor))
+        .map(|decryptor| unsafe { *out = Box::into_raw(decryptor) })
         .into()
 }
 
@@ -277,5 +277,5 @@ unsafe fn create_shell_testing_decryptor(
 ///
 /// SAFETY: `ptr` must have been created by `Box::into_raw`, as in `create_shell_testing_decryptor`.
 unsafe fn decryptor_into_box(ptr: *mut ShellTestingDecryptor) -> Box<ShellTestingDecryptor> {
-    Box::from_raw(ptr)
+    unsafe { Box::from_raw(ptr) }
 }