diff --git a/plugins/python/regress/iohelpers.c b/plugins/python/regress/iohelpers.c
index 9c71dfce2..d4811004d 100644
--- a/plugins/python/regress/iohelpers.c
+++ b/plugins/python/regress/iohelpers.c
@@ -140,11 +140,14 @@ str_array_snprint(char *out_str, size_t max_len, char **str_array, int array_len
 char *
 str_replaced(const char *source, size_t dest_len, const char *old, const char *new)
 {
-    char *result = calloc(1, dest_len);
+    char *result = malloc(dest_len);
     char *dest = result;
     char *pos = NULL;
     size_t old_len = strlen(old);
 
+    if (result == NULL)
+        return NULL;
+
     while ((pos = strstr(source, old)) != NULL) {
         size_t len = snprintf(dest, dest_len,
             "%.*s%s", (int)(pos - source), source, new);
@@ -170,6 +173,8 @@ void
 str_replace_in_place(char *string, size_t max_length, const char *old, const char *new)
 {
     char *replaced = str_replaced(string, max_length, old, new);
-    strlcpy(string, replaced, max_length);
-    free(replaced);
+    if (replaced != NULL) {
+        strlcpy(string, replaced, max_length);
+        free(replaced);
+    }
 }
diff --git a/plugins/python/regress/testhelpers.c b/plugins/python/regress/testhelpers.c
index 9c42c1da9..7675c7d17 100644
--- a/plugins/python/regress/testhelpers.c
+++ b/plugins/python/regress/testhelpers.c
@@ -93,10 +93,22 @@ create_str_array(size_t count, ...)
 
     va_start(args, count);
 
-    char ** result = calloc(count, sizeof(char *));
-    for (size_t i = 0; i < count; ++i) {
-        const char *str = va_arg(args, char *);
-        result[i] = (str == NULL ? NULL : strdup(str));
+    char **result = calloc(count, sizeof(char *));
+    if (result != NULL) {
+        for (size_t i = 0; i < count; ++i) {
+            const char *str = va_arg(args, char *);
+            if (str != NULL) {
+                result[i] = strdup(str);
+                if (result[i] == NULL) {
+                    while (i > 0) {
+                        free(result[--i]);
+                    }
+                    free(result);
+                    result = NULL;
+                    break;
+                }
+            }
+        }
     }
 
     va_end(args);
@@ -164,6 +176,8 @@ fake_conversation(int num_msgs, const struct sudo_conv_message msgs[],
             return 1; // simulates user interruption (conversation error)
 
         replies[i].reply = strdup(data.conv_replies[i]);
+        if (replies[i].reply == NULL)
+            return 1; // memory allocation error
     }
 
     return 0; // simulate user answered just fine