--- ssl_sess.c.orig	2016-03-02 17:48:47.180240472 -0800
+++ ssl_sess.c	2016-03-02 17:50:20.204063321 -0800
@@ -919,6 +919,10 @@
             session->krb5_client_princ_len > 0) {
             s->kssl_ctx->client_princ =
                 (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
+	    if (!s->kssl_ctx->client_princ) {
+		SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
+		return (0);
+	    }
             memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ,
                    session->krb5_client_princ_len);
             s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';