diff --git a/include/sm/varargs.h b/include/sm/varargs.h

index 612858d..2609630 100644

--- a/include/sm/varargs.h

+++ b/include/sm/varargs.h

@@ -32,6 +32,11 @@

 #  define SM_VA_COPY(dst, src)	__va_copy((dst), (src))

 # else

 #  define SM_VA_COPY(dst, src)	memcpy(&(dst), &(src), sizeof((dst)))

+#  define SM_VA_END_COPY(ap)	do { } while (0)

+# endif

+

+# ifndef SM_VA_END_COPY

+#  define SM_VA_END_COPY(ap)	va_end(ap)

 # endif

 /*

diff --git a/libsm/vfprintf.c b/libsm/vfprintf.c

index 87c353c..c99d4e5 100644

--- a/libsm/vfprintf.c

+++ b/libsm/vfprintf.c

@@ -782,6 +782,7 @@ number:			if ((dprec = prec) >= 0)

 done:

 	FLUSH();

 error:

+	SM_VA_END_COPY(orgap);

 	if ((argtable != NULL) && (argtable != statargtable))

 		sm_free(argtable);

 	return sm_error(fp) ? SM_IO_EOF : ret;

diff --git a/sendmail/milter.c b/sendmail/milter.c

index 462efd2..af6dc66 100644

--- a/sendmail/milter.c

+++ b/sendmail/milter.c

@@ -2437,8 +2437,7 @@ milter_negotiate(m, e, milters)

 			sm_syslog(LOG_ERR, e->e_id,

 				  "Milter (%s): negotiate: returned %c instead of %c",

 				  m->mf_name, rcmd, SMFIC_OPTNEG);

-		if (response != NULL)

-			sm_free(response); /* XXX */

+		SM_FREE(response);

 		milter_error(m, e);

 		return -1;

 	}

@@ -2453,8 +2452,7 @@ milter_negotiate(m, e, milters)

 			sm_syslog(LOG_ERR, e->e_id,

 				  "Milter (%s): negotiate: did not return valid info",

 				  m->mf_name);

-		if (response != NULL)

-			sm_free(response); /* XXX */

+		SM_FREE(response);

 		milter_error(m, e);

 		return -1;

 	}

@@ -2472,8 +2470,7 @@ milter_negotiate(m, e, milters)

 			sm_syslog(LOG_ERR, e->e_id,

 				  "Milter (%s): negotiate: did not return enough info",

 				  m->mf_name);

-		if (response != NULL)

-			sm_free(response); /* XXX */

+		SM_FREE(response);

 		milter_error(m, e);

 		return -1;

 	}

@@ -2589,11 +2586,11 @@ milter_negotiate(m, e, milters)

 	if (tTd(64, 5))

 		sm_dprintf("milter_negotiate(%s): received: version %u, fflags 0x%x, pflags 0x%x\n",

 			m->mf_name, m->mf_fvers, m->mf_fflags, m->mf_pflags);

+	SM_FREE(response);

 	return 0;

   error:

-	if (response != NULL)

-		sm_free(response); /* XXX */

+	SM_FREE(response);

 	return -1;

 }

@@ -3230,6 +3227,7 @@ milter_changeheader(m, response, rlen, e)

 			addheader(newstr(field), mh_value, H_USER, e,

 				!bitset(SMFIP_HDR_LEADSPC, m->mf_pflags));

 		}

+		SM_FREE(mh_value);

 		return;

 	}

@@ -3438,6 +3436,8 @@ milter_chgfrom(response, rlen, e)

 	{

 		if (tTd(64, 10))

 			sm_dprintf("didn't follow protocol argc=%d\n", argc);

+		if (argv != NULL)

+			free(argv);

 		return;

 	}

@@ -3456,6 +3456,7 @@ milter_chgfrom(response, rlen, e)

 				mail_esmtp_args);

 	}

 	Errors = olderrors;

+	free(argv);

 	return;

 }

@@ -3503,6 +3504,8 @@ milter_addrcpt_par(response, rlen, e)

 	{

 		if (tTd(64, 10))

 			sm_dprintf("didn't follow protocol argc=%d\n", argc);

+		if (argv != NULL)

+			free(argv);

 		return;

 	}

 	olderrors = Errors;

@@ -3527,6 +3530,7 @@ milter_addrcpt_par(response, rlen, e)

 	}

 	Errors = olderrors;

+	free(argv);

 	return;

 }

diff --git a/sendmail/queue.c b/sendmail/queue.c

index 503f296..c9153c8 100644

--- a/sendmail/queue.c

+++ b/sendmail/queue.c

@@ -8590,6 +8590,7 @@ split_by_recipient(e)

 		if (split_within_queue(ee) == SM_SPLIT_FAIL)

 		{

 			e->e_sibling = firstsibling;

+			SM_FREE(lsplits);

 			return false;

 		}

 		ee->e_flags |= EF_SPLIT;

@@ -8604,8 +8605,7 @@ split_by_recipient(e)

 				if (p == NULL)

 				{

 					/* let's try to get this done */

-					sm_free(lsplits);

-					lsplits = NULL;

+					SM_FREE(lsplits);

 				}

 				else

 					lsplits = p;

@@ -8627,7 +8627,7 @@ split_by_recipient(e)

 	{

 		sm_syslog(LOG_NOTICE, e->e_id, "split: count=%d, id%s=%s",

 			  n - 1, n > 2 ? "s" : "", lsplits);

-		sm_free(lsplits);

+		SM_FREE(lsplits);

 	}

 	split = split_within_queue(e) != SM_SPLIT_FAIL;

 	if (split)