diff -urN strongswan-4.1.11/src/libstrongswan/crypto/diffie_hellman.c strongswan-4.1.11-patched/src/libstrongswan/crypto/diffie_hellman.c
--- strongswan-4.1.11/src/libstrongswan/crypto/diffie_hellman.c	2007-11-06 12:38:01.000000000 +0100
+++ strongswan-4.1.11-patched/src/libstrongswan/crypto/diffie_hellman.c	2008-09-23 01:08:18.000000000 +0200
@@ -416,7 +416,7 @@
 	/* check public value: 
 	 * 1. 0 or 1 is invalid as 0^a = 0 and 1^a = 1
 	 * 2. a public value larger or equal the modulus is invalid */
-	if (mpz_cmp_ui(this->yb, 1) > 0 ||
+	if (mpz_cmp_ui(this->yb, 1) > 0 &&
 		mpz_cmp(this->yb, p_min_1) < 0)
 	{
 #ifdef EXTENDED_DH_TEST
@@ -462,6 +462,10 @@
 	}
 	value->len = this->p_len;
     value->ptr = mpz_export(NULL, NULL, 1, value->len, 1, 0, this->yb);
+	if (value->ptr == NULL)
+	{
+		return FAILED;
+	}
 	return SUCCESS;
 }
 
@@ -472,6 +476,10 @@
 {
 	value->len = this->p_len;
     value->ptr = mpz_export(NULL, NULL, 1, value->len, 1, 0, this->ya);
+    if (value->ptr == NULL)
+    {
+    	value->len = 0;
+    }
 }
 
 /**
@@ -484,7 +492,11 @@
 		return FAILED;
 	}
 	secret->len = this->p_len;
-    secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz);
+	secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->zz);
+	if (secret->ptr == NULL)
+	{
+		return FAILED;
+	}
 	return SUCCESS;
 }
 
diff -urN strongswan-4.1.11/src/libstrongswan/crypto/rsa/rsa_private_key.c strongswan-4.1.11-patched/src/libstrongswan/crypto/rsa/rsa_private_key.c
--- strongswan-4.1.11/src/libstrongswan/crypto/rsa/rsa_private_key.c	2008-01-29 00:21:30.000000000 +0100
+++ strongswan-4.1.11-patched/src/libstrongswan/crypto/rsa/rsa_private_key.c	2008-09-23 01:13:16.000000000 +0200
@@ -252,6 +252,10 @@
 	
 	decrypted.len = this->k;
 	decrypted.ptr = mpz_export(NULL, NULL, 1, decrypted.len, 1, 0, t1);
+	if (decrypted.ptr == NULL)
+	{
+		decrypted.len = 0;
+	}
 	
 	mpz_clear_randomized(t1);
 	mpz_clear_randomized(t2);
diff -urN strongswan-4.1.11/src/libstrongswan/crypto/rsa/rsa_public_key.c strongswan-4.1.11-patched/src/libstrongswan/crypto/rsa/rsa_public_key.c
--- strongswan-4.1.11/src/libstrongswan/crypto/rsa/rsa_public_key.c	2008-01-29 00:21:30.000000000 +0100
+++ strongswan-4.1.11-patched/src/libstrongswan/crypto/rsa/rsa_public_key.c	2008-09-23 01:13:01.000000000 +0200
@@ -128,9 +128,13 @@
 	
 	mpz_powm(c, m, this->e, this->n);
 
-    encrypted.len = this->k;
-    encrypted.ptr = mpz_export(NULL, NULL, 1, encrypted.len, 1, 0, c);
-	
+	encrypted.len = this->k;
+	encrypted.ptr = mpz_export(NULL, NULL, 1, encrypted.len, 1, 0, c);
+	if (encrypted.ptr == NULL)
+	{
+		encrypted.len = 0;
+	}
+ 	
 	mpz_clear(c);
 	mpz_clear(m);	
 	
diff -urN strongswan-4.1.11/src/openac/openac.c strongswan-4.1.11-patched/src/openac/openac.c
--- strongswan-4.1.11/src/openac/openac.c	2008-02-04 13:40:47.000000000 +0100
+++ strongswan-4.1.11-patched/src/openac/openac.c	2008-09-23 01:02:57.000000000 +0200
@@ -102,6 +102,10 @@
 
 	chunk.len = 1 + mpz_sizeinbase(number, 2)/BITS_PER_BYTE;
 	chunk.ptr = mpz_export(NULL, NULL, 1, chunk.len, 1, 0, number);
+	if (chunk.ptr == NULL)
+	{
+		chunk.len = 0;
+	}
 	return chunk;
 }