--- tools/xenstore/xenstored_core.c.orig	2007-09-17 08:11:14.000000000 +0800
+++ tools/xenstore/xenstored_core.c	2007-09-17 10:05:10.000000000 +0800
@@ -347,6 +347,11 @@ int *talloc_open(const char *pathname, i
 	int *fd;
 
 	fd = talloc(pathname, int);
+	if (!fd) 
+	{
+		errno = ENOMEM;
+		return NULL;
+	}
 	*fd = open(pathname, flags, mode);
 	if (*fd < 0) {
 		int saved_errno = errno;
@@ -397,6 +402,11 @@ static struct node *read_node(struct con
 	}
 
 	node = talloc(name, struct node);
+	if (!node) 
+	{
+		errno = ENOMEM;
+		return NULL;
+	}
 	node->name = talloc_strdup(node, name);
 	node->parent = NULL;
 	node->tdb = tdb_context(conn);
@@ -493,8 +503,9 @@ static char *get_parent(const char *node
 /* What do parents say? */
 static enum xs_perm_type ask_parents(struct connection *conn, const char *name)
 {
-	struct node *node;
-
+	struct node *node = NULL;
+	enum xs_perm_type status;
+	
 	do {
 		name = get_parent(name);
 		node = read_node(conn, name);
@@ -506,7 +517,10 @@ static enum xs_perm_type ask_parents(str
 	if (!node)
 		corrupt(conn, "No permissions file at root");
 
-	return perm_for_conn(conn, node->perms, node->num_perms);
+	status = perm_for_conn(conn, node->perms, node->num_perms);
+	if (node)
+		talloc_free(node);
+	return status;
 }
 
 /* We have a weird permissions system.  You can allow someone into a
@@ -793,6 +807,11 @@ static struct node *construct_node(struc
 
 	/* Allocate node */
 	node = talloc(name, struct node);
+	if (!node) 
+	{
+		errno = ENOMEM;
+		return NULL;
+	}
 	node->tdb = tdb_context(conn);
 	node->name = talloc_strdup(node, name);
 
@@ -808,6 +827,8 @@ static struct node *construct_node(struc
 	node->childlen = node->datalen = 0;
 	node->parent = parent;
 	domain_entry_inc(conn, node);
+	talloc_free(parentname);
+
 	return node;
 }
 
@@ -937,17 +958,19 @@ static void delete_node(struct connectio
 	for (i = 0; i < node->childlen; i += strlen(node->children+i) + 1) {
 		struct node *child;
 
-		child = read_node(conn, 
-				  talloc_asprintf(node, "%s/%s", node->name,
-						  node->children + i));
+		/* talloc_asprintf() will return an allocated memory pointer */
+		char *pnode = talloc_asprintf(node, "%s/%s", node->name, node->children + i));
+		child = read_node(conn, pnode);
 		if (child) {
 			delete_node(conn, child);
+			talloc_free(child);
 		}
 		else {
 			trace("delete_node: No child '%s/%s' found!\n",
 			      node->name, node->children + i);
 			/* Skip it, we've already deleted the parent. */
 		}
+		talloc_free(pnode);
 	}
 }
 
@@ -1067,7 +1090,10 @@ static void do_get_perms(struct connecti
 	if (!strings)
 		send_error(conn, errno);
 	else
+	{
 		send_reply(conn, XS_GET_PERMS, strings, len);
+		talloc_free(strings);
+	}
 }
 
 static void do_set_perms(struct connection *conn, struct buffered_data *in)
@@ -1301,7 +1327,7 @@ static void handle_input(struct connecti
 
 bad_client:
 	/* Kill it. */
-	talloc_free(conn);
+	talloc_free(conn->in);
 }
 
 static void handle_output(struct connection *conn)