diff --git a/lib/krb5/send_to_kdc.c b/lib/krb5/send_to_kdc.c
index 9ff52fa54..101f400d5 100644
--- a/lib/krb5/send_to_kdc.c
+++ b/lib/krb5/send_to_kdc.c
@@ -183,16 +183,16 @@ send_and_recv_http(krb5_socket_t fd,
 		   const krb5_data *req,
 		   krb5_data *rep)
 {
-    char *request;
+    char *request = NULL;
     char *str;
     int ret;
     int len = base64_encode(req->data, req->length, &str);
 
     if(len < 0)
 	return -1;
-    asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str);
+    ret = asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str);
     free(str);
-    if (request == NULL)
+    if (ret < 0 || request == NULL)
 	return -1;
     ret = net_write (fd, request, strlen(request));
     free (request);
@@ -261,7 +261,7 @@ send_via_proxy (krb5_context context,
 {
     char *proxy2 = strdup(context->http_proxy);
     char *proxy  = proxy2;
-    char *prefix;
+    char *prefix = NULL;
     char *colon;
     struct addrinfo hints;
     struct addrinfo *ai, *a;
@@ -304,8 +304,8 @@ send_via_proxy (krb5_context context,
     }
     freeaddrinfo (ai);
 
-    asprintf(&prefix, "http://%s/", hi->hostname);
-    if(prefix == NULL) {
+    ret = asprintf(&prefix, "http://%s/", hi->hostname);
+    if(ret < 0 || prefix == NULL) {
 	close(s);
 	return 1;
     }
diff --git a/lib/krb5/test_cc.c b/lib/krb5/test_cc.c
index 8d561b691..5892230c5 100644
--- a/lib/krb5/test_cc.c
+++ b/lib/krb5/test_cc.c
@@ -124,7 +124,8 @@ test_mcache(krb5_context context)
     if (tc == NULL)
 	krb5_errx(context, 1, "krb5_cc_get_name");
 
-    asprintf(&c, "%s:%s", tc, nc);
+    if (asprintf(&c, "%s:%s", tc, nc) < 0 || c == NULL)
+	errx(1, "malloc");
 
     krb5_cc_close(context, id);
 
@@ -165,7 +166,7 @@ test_init_vs_destroy(krb5_context context, const char *type)
     krb5_error_code ret;
     krb5_ccache id, id2;
     krb5_principal p, p2;
-    char *n;
+    char *n = NULL;
 
     ret = krb5_parse_name(context, "lha@SU.SE", &p);
     if (ret)
@@ -175,9 +176,11 @@ test_init_vs_destroy(krb5_context context, const char *type)
     if (ret)
 	krb5_err(context, 1, ret, "krb5_cc_new_unique");
 
-    asprintf(&n, "%s:%s",
-	     krb5_cc_get_type(context, id),
-	     krb5_cc_get_name(context, id));
+    if (asprintf(&n, "%s:%s",
+		 krb5_cc_get_type(context, id),
+		 krb5_cc_get_name(context, id)) < 0 || n == NULL)
+	errx(1, "malloc");
+	
 
     ret = krb5_cc_resolve(context, n, &id2);
     free(n);
diff --git a/lib/krb5/test_princ.c b/lib/krb5/test_princ.c
index e75b2ec2c..98e61e3d8 100644
--- a/lib/krb5/test_princ.c
+++ b/lib/krb5/test_princ.c
@@ -77,7 +77,8 @@ test_princ(krb5_context context)
 
     realm = krb5_principal_get_realm(context, p);
 
-    asprintf(&princ_reformed, "%s@%s", princ_short, realm);
+    if (asprintf(&princ_reformed, "%s@%s", princ_short, realm) < 0 || princ_reformed == NULL)
+	errx(1, "malloc");
 
     ret = krb5_parse_name(context, princ_reformed, &p2);
     free(princ_reformed);
diff --git a/lib/krb5/v4_glue.c b/lib/krb5/v4_glue.c
index 01cf323d3..d47a1288e 100644
--- a/lib/krb5/v4_glue.c
+++ b/lib/krb5/v4_glue.c
@@ -120,7 +120,7 @@ get_krb4_cc_name(const char *tkfile, char **cc)
 	}
 #ifdef HAVE_GETUID
 	if(*cc == NULL)
-	    if (asprintf(cc, "%s%u", TKT_ROOT, (unsigned)getuid()) < 0)
+	    if (asprintf(cc, "%s%u", TKT_ROOT, (unsigned)getuid()) < 0 || *cc == NULL)
 		return errno;
 #elif defined(KRB5_USE_PATH_TOKENS)
 	if(*cc == NULL)
diff --git a/lib/krb5/verify_krb5_conf.c b/lib/krb5/verify_krb5_conf.c
index f1a4c57a6..d554423a1 100644
--- a/lib/krb5/verify_krb5_conf.c
+++ b/lib/krb5/verify_krb5_conf.c
@@ -588,7 +588,9 @@ check_section(krb5_context context, const char *path, krb5_config_section *cf,
     char *local;
 
     for(p = cf; p != NULL; p = p->next) {
-	asprintf(&local, "%s/%s", path, p->name);
+	local = NULL;
+	if (asprintf(&local, "%s/%s", path, p->name) < 0 || local == NULL)
+	    errx(1, "out of memory");
 	for(e = entries; e->name != NULL; e++) {
 	    if(*e->name == '\0' || strcmp(e->name, p->name) == 0) {
 		if(e->type != p->type) {
diff --git a/lib/krb5/warn.c b/lib/krb5/warn.c
index a4c633936..63994dfca 100644
--- a/lib/krb5/warn.c
+++ b/lib/krb5/warn.c
@@ -46,6 +46,7 @@ _warnerr(krb5_context context, int do_errtext,
     const char *args[2], **arg;
     char *msg = NULL;
     const char *err_str = NULL;
+    krb5_error_code ret;
 
     args[0] = args[1] = NULL;
     arg = args;
@@ -53,8 +54,8 @@ _warnerr(krb5_context context, int do_errtext,
 	strlcat(xfmt, "%s", sizeof(xfmt));
 	if(do_errtext)
 	    strlcat(xfmt, ": ", sizeof(xfmt));
-	vasprintf(&msg, fmt, ap);
-	if(msg == NULL)
+	ret = vasprintf(&msg, fmt, ap);
+	if(ret < 0 || msg == NULL)
 	    return ENOMEM;
 	*arg++ = msg;
     }