--- d1_both.c.orig	2016-03-02 17:31:30.838526769 -0800
+++ d1_both.c	2016-03-02 17:33:49.002086647 -0800
@@ -1459,6 +1459,8 @@
          * plus 2 bytes payload length, plus payload, plus padding
          */
         buffer = OPENSSL_malloc(write_length);
+	if (buffer == NULL) 
+	    return -1; /* what should be returned here???   */
         bp = buffer;
 
         /* Enter response type, length and copy payload */
@@ -1544,6 +1546,8 @@
      *  - Padding
      */
     buf = OPENSSL_malloc(1 + 2 + payload + padding);
+    if (!buf)
+	goto err;
     p = buf;
     /* Message Type */
     *p++ = TLS1_HB_REQUEST;