diff -up openssl-fips-0.9.8e/crypto/bn/bn_gf2m.c.wexpand openssl-fips-0.9.8e/crypto/bn/bn_gf2m.c
--- openssl-fips-0.9.8e/crypto/bn/bn_gf2m.c.wexpand	2006-02-08 20:16:11.000000000 +0100
+++ openssl-fips-0.9.8e/crypto/bn/bn_gf2m.c	2010-03-12 13:28:55.000000000 +0100
@@ -294,7 +294,8 @@ int	BN_GF2m_add(BIGNUM *r, const BIGNUM 
 	if (a->top < b->top) { at = b; bt = a; }
 	else { at = a; bt = b; }
 
-	bn_wexpand(r, at->top);
+	if(bn_wexpand(r, at->top) == NULL)
+		return 0;
 
 	for (i = 0; i < bt->top; i++)
 		{
diff -up openssl-fips-0.9.8e/crypto/bn/bn_mul.c.wexpand openssl-fips-0.9.8e/crypto/bn/bn_mul.c
--- openssl-fips-0.9.8e/crypto/bn/bn_mul.c.wexpand	2010-02-18 15:58:31.000000000 +0100
+++ openssl-fips-0.9.8e/crypto/bn/bn_mul.c	2010-03-12 13:27:24.000000000 +0100
@@ -1030,15 +1030,15 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, c
 			t = BN_CTX_get(ctx);
 			if (al > j || bl > j)
 				{
-				bn_wexpand(t,k*4);
-				bn_wexpand(rr,k*4);
+				if (bn_wexpand(t,k*4) == NULL) goto err;
+				if (bn_wexpand(rr,k*4) == NULL) goto err;
 				bn_mul_part_recursive(rr->d,a->d,b->d,
 					j,al-j,bl-j,t->d);
 				}
 			else	/* al <= j || bl <= j */
 				{
-				bn_wexpand(t,k*2);
-				bn_wexpand(rr,k*2);
+				if (bn_wexpand(t,k*2) == NULL) goto err;
+				if (bn_wexpand(rr,k*2) == NULL) goto err;
 				bn_mul_recursive(rr->d,a->d,b->d,
 					j,al-j,bl-j,t->d);
 				}
diff -up openssl-fips-0.9.8e/engines/e_ubsec.c.wexpand openssl-fips-0.9.8e/engines/e_ubsec.c
--- openssl-fips-0.9.8e/engines/e_ubsec.c.wexpand	2005-07-16 13:13:08.000000000 +0200
+++ openssl-fips-0.9.8e/engines/e_ubsec.c	2010-03-12 13:30:07.000000000 +0100
@@ -934,7 +934,7 @@ static int ubsec_dh_generate_key(DH *dh)
                 priv_key = BN_new();
                 if (priv_key == NULL) goto err;
                 priv_key_len = BN_num_bits(dh->p);
-                bn_wexpand(priv_key, dh->p->top);
+                if (bn_wexpand(priv_key, dh->p->top) == NULL) goto err;
                 do
                         if (!BN_rand_range(priv_key, dh->p)) goto err;
                 while (BN_is_zero(priv_key));
@@ -949,7 +949,7 @@ static int ubsec_dh_generate_key(DH *dh)
                 {
                 pub_key = BN_new();
                 pub_key_len = BN_num_bits(dh->p);
-                bn_wexpand(pub_key, dh->p->top);
+                if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;
                 if(pub_key == NULL) goto err;
                 }
         else