diff --git a/src/CVRF/cvrf_eval.c b/src/CVRF/cvrf_eval.c
index 049b871f8..3bb39d109 100644
--- a/src/CVRF/cvrf_eval.c
+++ b/src/CVRF/cvrf_eval.c
@@ -89,10 +89,14 @@ struct cvrf_session *cvrf_session_new_from_source_model(struct oscap_source *sou
 	if (source == NULL)
 		return NULL;
 
+	struct cvrf_model *model = cvrf_model_import(source);
+	if (model == NULL) {
+		return NULL;
+	}
 	struct cvrf_session *ret = malloc(sizeof(struct cvrf_session));
 	ret->source = source;
 	ret->index = NULL;
-	ret->model = cvrf_model_import(source);
+	ret->model = model;
 	ret->os_name = NULL;
 	ret->product_ids = oscap_stringlist_new();
 	ret->def_model = oval_definition_model_new();
@@ -225,6 +229,9 @@ struct oscap_source *cvrf_model_get_results_source(struct oscap_source *import_s
 	if (import_source == NULL)
 		return NULL;
 	struct cvrf_session *session = cvrf_session_new_from_source_model(import_source);
+	if (session == NULL) {
+		return NULL;
+	}
 	cvrf_session_set_os_name(session, os_name);
 
 	if (find_all_cvrf_product_ids_from_cpe(session) != 0) {
diff --git a/utils/oscap-cvrf.c b/utils/oscap-cvrf.c
index 9a2441165..d6c571007 100644
--- a/utils/oscap-cvrf.c
+++ b/utils/oscap-cvrf.c
@@ -99,20 +99,29 @@ static int app_cvrf_evaluate(const struct oscap_action *action) {
 	// themselves
 	const char *os_name = "Red Hat Enterprise Linux Desktop Supplementary (v. 6)";
 	struct oscap_source *import_source = oscap_source_new_from_file(action->cvrf_action->f_cvrf);
+
+	int ret = oscap_source_validate(import_source, reporter, (void *) action);
+	if (ret != 0) {
+		result = OSCAP_ERROR;
+		goto cleanup;
+	}
+
 	struct oscap_source *export_source = cvrf_model_get_results_source(import_source, os_name);
-	if (export_source == NULL)
-		return -1;
+	if (export_source == NULL) {
+		result = OSCAP_ERROR;
+		goto cleanup;
+	}
 
 	if (oscap_source_save_as(export_source, action->cvrf_action->f_results) == -1) {
 		result = OSCAP_ERROR;
 		goto cleanup;
 	}
+	oscap_source_free(export_source);
 
 	cleanup:
 		if (oscap_err())
 			fprintf(stderr, "%s %s\n", OSCAP_ERR_MSG, oscap_err_desc());
 
-	oscap_source_free(export_source);
 	free(action->cvrf_action);
 	return result;
 }