diff --git a/src/userinput.c b/src/userinput.c
index 524be2f1eab485d5d1c6388a8fb2331edf9d1eb8..f8384f97fca7f19dd228720ff8415caec0a3ae5a 100644
--- a/src/userinput.c
+++ b/src/userinput.c
@@ -41,17 +41,23 @@ static char *uri_escape(const char *string)
 	for (i = 0; string[i]; i++) {
 		if (allocated_len + 4 >= real_len) {
 			allocated_len += 16;
-			escaped = realloc(escaped, allocated_len);
+			char *tmp = realloc(escaped, allocated_len);
+
 			// bail out if realloc fails
-			if (escaped == NULL)
-				return NULL;
+			if (tmp == NULL) {
+				free(escaped);
+				escaped = NULL;
+				break;
+			}
+			escaped = tmp;
 		}
 		if (isalnum(string[i]))
 			escaped[real_len++] = string[i];
 		else
 			real_len += sprintf(&escaped[real_len], "%%%02X", string[i]);
 	}
-	escaped[real_len] = '\0';
+	if (escaped)
+		escaped[real_len] = '\0';
 
 	return escaped;
 }
@@ -63,6 +69,10 @@ static char *uri_unescape(const char *string)
 	int real_len = 0;
 	int i = 0;
 
+	// bail out if malloc fails
+	if (unescaped == NULL)
+		return NULL;
+
 	while (string[i]) {
 		if (string[i] == '%' && isxdigit(string[i + 1])
 		    && isxdigit(string[i + 2])) {