diff --git a/src/util/sha256.c b/src/util/sha256.c
index 311aac4a..4c2bb71a 100644
--- a/src/util/sha256.c
+++ b/src/util/sha256.c
@@ -15,8 +15,8 @@
 const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT;
 
 /* mem_clr.c */
-unsigned char cleanse_ctr = 0;
-void OPENSSL_cleanse(void *ptr, size_t len)
+unsigned static char cleanse_ctr = 0;
+static void OPENSSL_cleanse(void *ptr, size_t len)
 {
     unsigned char *p = ptr;
     size_t loop = len, ctr = cleanse_ctr;
diff --git a/src/util/srp.cpp b/src/util/srp.cpp
index 6fafe828..0d3ddf27 100644
--- a/src/util/srp.cpp
+++ b/src/util/srp.cpp
@@ -166,6 +166,15 @@ static struct NGHex global_Ng_constants[] = {
 };
 
 
+static void delete_ng(NGConstant *ng)
+{
+	if (ng) {
+		mpz_clear(ng->N);
+		mpz_clear(ng->g);
+		free(ng);
+	}
+}
+
 static NGConstant *new_ng( SRP_NGType ng_type, const char *n_hex, const char *g_hex )
 {
 	NGConstant *ng = (NGConstant *) malloc(sizeof(NGConstant));
@@ -180,22 +189,18 @@ static NGConstant *new_ng( SRP_NGType ng_type, const char *n_hex, const char *g_
 		g_hex = global_Ng_constants[ ng_type ].g_hex;
 	}
 
-	mpz_set_str(ng->N, n_hex, 16);
-	mpz_set_str(ng->g, g_hex, 16);
+	int rv = 0;
+	rv = mpz_set_str(ng->N, n_hex, 16);
+	rv = rv | mpz_set_str(ng->g, g_hex, 16);
+
+	if (rv) {
+		delete_ng(ng);
+		return 0;
+	}
 
 	return ng;
 }
 
-static void delete_ng( NGConstant *ng )
-{
-	if (ng) {
-		mpz_clear(ng->N);
-		mpz_clear(ng->g);
-		free(ng);
-	}
-}
-
-
 
 typedef union
 {
@@ -849,6 +854,8 @@ struct SRPUser *srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
 		mpz_clear(usr->a);
 		mpz_clear(usr->A);
 		mpz_clear(usr->S);
+		if (usr->ng)
+			delete_ng(usr->ng);
 		if (usr->username)
 			free(usr->username);
 		if (usr->username_verifier)