diff --git a/miniupnpd/Changelog.txt b/miniupnpd/Changelog.txt
index 2fdbfa2..6ad5f68 100644
--- a/miniupnpd/Changelog.txt
+++ b/miniupnpd/Changelog.txt
@@ -1,4 +1,7 @@
-$Id: Changelog.txt,v 1.319 2012/10/23 12:24:31 nanard Exp $
+$Id: Changelog.txt,v 1.320 2012/12/11 21:07:35 nanard Exp $
+
+2012/12/11:
+ More return value check for malloc() and realloc()
 
 2012/10/23:
 minor modifications to linux/getroute.c and testgetroute.c
diff --git a/miniupnpd/miniupnpd.c b/miniupnpd/miniupnpd.c
index ee5cc91..9645172 100644
--- a/miniupnpd/miniupnpd.c
+++ b/miniupnpd/miniupnpd.c
@@ -1,4 +1,4 @@
-/* $Id: miniupnpd.c,v 1.171 2012/10/04 22:36:46 nanard Exp $ */
+/* $Id: miniupnpd.c,v 1.172 2012/12/11 21:07:36 nanard Exp $ */
 /* MiniUPnP project
 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
 * (c) 2006-2012 Thomas Bernard
@@ -1706,8 +1706,16 @@ main(int argc, char * * argv)
 &clientnamelen);
 syslog(LOG_DEBUG, "sctl! : '%s'", clientname.sun_path);
 tmp = malloc(sizeof(struct ctlelem));
- tmp->socket = s;
- LIST_INSERT_HEAD(&ctllisthead, tmp, entries);
+ if (tmp == NULL)
+ {
+ syslog(LOG_ERR, "Unable to allocate memory for ctlelem in main()");
+ close(s);
+ }
+ else
+ {
+ tmp->socket = s;
+ LIST_INSERT_HEAD(&ctllisthead, tmp, entries);
+ }
 }
 #endif
 #ifdef ENABLE_EVENTS
diff --git a/miniupnpd/upnphttp.c b/miniupnpd/upnphttp.c
index 91933a1..b4b5d6f 100644
--- a/miniupnpd/upnphttp.c
+++ b/miniupnpd/upnphttp.c
@@ -1,4 +1,4 @@
-/* $Id: upnphttp.c,v 1.81 2012/10/04 22:09:34 nanard Exp $ */
+/* $Id: upnphttp.c,v 1.82 2012/12/11 21:07:37 nanard Exp $ */
 /* Project : miniupnp
 * Website : http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
 * Author : Thomas Bernard
@@ -637,6 +637,7 @@ ProcessHttpQuery_upnphttp(struct upnphttp * h)
 void
 Process_upnphttp(struct upnphttp * h)
 {
+ char * h_tmp;
 char buf[2048];
 int n;
 
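Review bot: In the miniupnpd.c hunk at main() (`@@ -1706,8 +1706,16 @@`), `s` is closed or stored in `ctllisthead` without any visible check that it is a valid descriptor. The call that assigns it ends on the first context line (`&clientnamelen);`) and begins outside the hunk, so this is inferred: if that call is an accept() whose result is not tested, a failed call would reach `close(s)` or `tmp->socket = s` with -1. Guarding the allocation with `if (s >= 0)` and logging the failure otherwise would cover that in the same place the malloc() result is now checked. The `syslog(LOG_DEBUG, ...)` context line also prints `clientname.sun_path` before anything confirms the address was filled in, so it is worth moving inside the same guard.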
@@ -667,10 +668,19 @@ Process_upnphttp(struct upnphttp * h)
 const char * endheaders;
 /* if 1st arg of realloc() is null,
 * realloc behaves the same as malloc() */
- h->req_buf = (char *)realloc(h->req_buf, n + h->req_buflen + 1);
- memcpy(h->req_buf + h->req_buflen, buf, n);
- h->req_buflen += n;
- h->req_buf[h->req_buflen] = '\0';
+ h_tmp = (char *)realloc(h->req_buf, n + h->req_buflen + 1);
+ if (h_tmp == NULL)
+ {
+ syslog(LOG_WARNING, "Unable to allocate new memory for h->req_buf)");
+ h->state = EToDelete;
+ }
+ else
+ {
+ h->req_buf = h_tmp;
+ memcpy(h->req_buf + h->req_buflen, buf, n);
+ h->req_buflen += n;
+ h->req_buf[h->req_buflen] = '\0';
+ }
 /* search for the string "\r\n\r\n" */
 endheaders = findendheaders(h->req_buf, h->req_buflen);
 if(endheaders)
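Review bot: The failure branch sets `h->state = EToDelete` but then falls through to `findendheaders(h->req_buf, h->req_buflen)`, so a connection just marked for deletion is still parsed, and the comment above the realloc() implies `h->req_buf` may still be NULL at that point. Leaving right after the state change, with `return;` or with `break;` if the enclosing construct (which starts outside the hunk) is a switch case, keeps the error path away from the request buffer. Separately, nothing visible in the hunk caps `n + h->req_buflen + 1`, so a peer that never sends the header terminator can keep growing the buffer; a maximum header size checked before the realloc() would bound that. The log string also carries a stray `)` after `h->req_buf`.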