diff -up gnutls-2.12.14/lib/gcrypt/pk.c.leak gnutls-2.12.14/lib/gcrypt/pk.c
--- gnutls-2.12.14/lib/gcrypt/pk.c.leak	2011-09-18 00:16:53.000000000 +0200
+++ gnutls-2.12.14/lib/gcrypt/pk.c	2012-03-08 17:54:16.821192070 +0100
@@ -627,7 +627,6 @@ _rsa_generate_params (bigint_t * resarr,
 
   int ret, i;
   gcry_sexp_t parms, key, list;
-  bigint_t tmp;
 
   if (*resarr_len < RSA_PRIVATE_PARAMS)
     {
@@ -733,14 +732,6 @@ _rsa_generate_params (bigint_t * resarr,
 
   *resarr_len = 6;
 
-  tmp = _gnutls_mpi_alloc_like (resarr[0]);
-  if (tmp == NULL)
-    {
-      gnutls_assert ();
-      ret = GNUTLS_E_MEMORY_ERROR;
-      goto cleanup;
-    }
-
   ret = _gnutls_calc_rsa_exp (resarr, 2 + *resarr_len);
   if (ret < 0)
     {
diff -up gnutls-2.12.14/lib/gnutls_pk.c.leak gnutls-2.12.14/lib/gnutls_pk.c
--- gnutls-2.12.14/lib/gnutls_pk.c.leak	2011-09-18 00:16:53.000000000 +0200
+++ gnutls-2.12.14/lib/gnutls_pk.c	2012-03-08 17:40:58.725314720 +0100
@@ -544,6 +544,7 @@ _generate_params (int algo, bigint_t * r
     }
   else
     {
+      gnutls_pk_params_release(&params);
       gnutls_assert ();
       return GNUTLS_E_INVALID_REQUEST;
     }
diff -up gnutls-2.12.14/lib/x509/privkey.c.leak gnutls-2.12.14/lib/x509/privkey.c
--- gnutls-2.12.14/lib/x509/privkey.c.leak	2011-09-18 00:16:54.000000000 +0200
+++ gnutls-2.12.14/lib/x509/privkey.c	2012-03-08 17:45:55.467830355 +0100
@@ -1466,6 +1466,7 @@ gnutls_x509_privkey_generate (gnutls_x50
         {
           gnutls_assert ();
           ret = GNUTLS_E_INTERNAL_ERROR;
+          goto cleanup;
         }
 
       if (ret < 0)
@@ -1490,6 +1491,7 @@ gnutls_x509_privkey_generate (gnutls_x50
         {
           gnutls_assert ();
           ret = GNUTLS_E_INTERNAL_ERROR;
+          goto cleanup;
         }
       if (ret < 0)
         {