diff --git a/CHANGES b/CHANGES
index 49abbf8697..aa6268a4ec 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+3436.	[bug]		Check malloc/calloc return values. [RT #32088]
+
 3435.	[bug]		Cross compilation support in configure was broken.
 			[RT #32078]
 
diff --git a/lib/dns/gen.c b/lib/dns/gen.c
index 6eb325ed66..ce8cfe0437 100644
--- a/lib/dns/gen.c
+++ b/lib/dns/gen.c
@@ -430,6 +430,10 @@ add(int rdclass, const char *classname, int type, const char *typename,
 		return;
 
 	newcc = (struct cc *)malloc(sizeof(*newcc));
+	if (newcc == NULL) {
+		fprintf(stderr, "malloc() failed\n");
+		exit(1);
+	}
 	newcc->rdclass = rdclass;
 	strncpy(newcc->classname, classname, TYPECLASSLEN);
 	cc = classes;
diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
index 4136cbb020..601511b557 100644
--- a/lib/dns/spnego.c
+++ b/lib/dns/spnego.c
@@ -1553,6 +1553,11 @@ spnego_initial(OM_uint32 *minor_status,
 
 	buf_size = 1024;
 	buf = malloc(buf_size);
+	if (buf == NULL) {
+		*minor_status = ENOMEM;
+		ret = GSS_S_FAILURE;
+		goto end;
+	}
 
 	do {
 		ret = encode_NegTokenInit(buf + buf_size - 1,
diff --git a/lib/dns/spnego_asn1.c b/lib/dns/spnego_asn1.c
index 75c2304d8e..efc4b0c30e 100644
--- a/lib/dns/spnego_asn1.c
+++ b/lib/dns/spnego_asn1.c
@@ -269,8 +269,14 @@ decode_MechTypeList(const unsigned char *p, size_t len, MechTypeList * data, siz
 		(data)->len = 0;
 		(data)->val = NULL;
 		while (ret < origlen) {
+			void *old = (data)->val;
 			(data)->len++;
 			(data)->val = realloc((data)->val, sizeof(*((data)->val)) * (data)->len);
+			if ((data)->val == NULL) {
+				(data)->val = old;
+				(data)->len--;
+				return ENOMEM;
+			}
 			e = decode_MechType(p, len, &(data)->val[(data)->len - 1], &l);
 			FORW;
 			len = origlen - ret;
diff --git a/lib/lwres/getipnode.c b/lib/lwres/getipnode.c
index da00e8c871..300376ef13 100644
--- a/lib/lwres/getipnode.c
+++ b/lib/lwres/getipnode.c
@@ -1119,6 +1119,8 @@ hostfromname(lwres_gabnresponse_t *name, int af) {
 	 * Copy aliases.
 	 */
 	he->h_aliases = malloc(sizeof(char *) * (name->naliases + 1));
+	if (he->h_aliases == NULL)
+		goto cleanup;
 	for (i = 0; i < name->naliases; i++) {
 		he->h_aliases[i] = strdup(name->aliases[i]);
 		if (he->h_aliases[i] == NULL)
@@ -1130,6 +1132,8 @@ hostfromname(lwres_gabnresponse_t *name, int af) {
 	 * Copy addresses.
 	 */
 	he->h_addr_list = malloc(sizeof(char *) * (name->naddrs + 1));
+	if (he->h_addr_list == NULL)
+		goto cleanup;
 	addr = LWRES_LIST_HEAD(name->addrs);
 	i = 0;
 	while (addr != NULL) {