diff --git a/src/libopensc/card-iasecc.c b/src/libopensc/card-iasecc.c
index d2340402..9f21812d 100644
--- a/src/libopensc/card-iasecc.c
+++ b/src/libopensc/card-iasecc.c
@@ -2122,20 +2122,20 @@ iasecc_pin_get_policy (struct sc_card *card, struct sc_pin_cmd_data *data)
 	if (card->cache.valid && card->cache.current_df)   {
 		sc_file_dup(&save_current_df, card->cache.current_df);
 		if (save_current_df == NULL)
-			LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot duplicate current DF file");
+			LOG_TEST_GOTO_ERR(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot duplicate current DF file");
 	}
 
 	if (card->cache.valid && card->cache.current_ef)   {
 		sc_file_dup(&save_current_ef, card->cache.current_ef);
 		if (save_current_ef == NULL)
-			LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot duplicate current EF file");
+			LOG_TEST_GOTO_ERR(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot duplicate current EF file");
 	}
 
 	if (!(data->pin_reference & IASECC_OBJECT_REF_LOCAL) && card->cache.valid && card->cache.current_df) {
 		sc_format_path("3F00", &path);
 		path.type = SC_PATH_TYPE_FILE_ID;
 		rv = iasecc_select_file(card, &path, NULL);
-		LOG_TEST_RET(ctx, rv, "Unable to select MF");
+		LOG_TEST_GOTO_ERR(ctx, rv, "Unable to select MF");
 	}
 
 	memset(&sdo, 0, sizeof(sdo));
@@ -2146,10 +2146,10 @@ iasecc_pin_get_policy (struct sc_card *card, struct sc_pin_cmd_data *data)
 	sc_log(ctx, "iasecc_pin_get_policy() reference %i", sdo.sdo_ref);
 
 	rv = iasecc_sdo_get_data(card, &sdo);
-	LOG_TEST_RET(ctx, rv, "Cannot get SDO PIN data");
+	LOG_TEST_GOTO_ERR(ctx, rv, "Cannot get SDO PIN data");
 
 	if (sdo.docp.acls_contact.size == 0)
-		LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "Extremely strange ... there is no ACLs");
+		LOG_TEST_GOTO_ERR(ctx, SC_ERROR_INVALID_DATA, "Extremely strange ... there is no ACLs");
 
 	sc_log(ctx,
 	       "iasecc_pin_get_policy() sdo.docp.size.size %"SC_FORMAT_LEN_SIZE_T"u",
@@ -2177,13 +2177,13 @@ iasecc_pin_get_policy (struct sc_card *card, struct sc_pin_cmd_data *data)
 			se.reference = acl->key_ref;
 
 			rv = iasecc_se_get_info(card, &se);
-			LOG_TEST_RET(ctx, rv, "SDO get data error");
+			LOG_TEST_GOTO_ERR(ctx, rv, "SDO get data error");
 		}
 
 		if (scb & IASECC_SCB_METHOD_USER_AUTH)   {
 			rv = iasecc_se_get_crt_by_usage(card, &se,
 					IASECC_CRT_TAG_AT, IASECC_UQB_AT_USER_PASSWORD, &acl->crts[crt_num]);
-			LOG_TEST_RET(ctx, rv, "no authentication template for 'USER PASSWORD'");
+			LOG_TEST_GOTO_ERR(ctx, rv, "no authentication template for 'USER PASSWORD'");
 			sc_log(ctx, "iasecc_pin_get_policy() scb:0x%X; sdo_ref:[%i,%i,...]",
 					scb, acl->crts[crt_num].refs[0], acl->crts[crt_num].refs[1]);
 			crt_num++;
@@ -2227,17 +2227,19 @@ iasecc_pin_get_policy (struct sc_card *card, struct sc_pin_cmd_data *data)
 	if (save_current_df)   {
 		sc_log(ctx, "iasecc_pin_get_policy() restore current DF");
 		rv = iasecc_select_file(card, &save_current_df->path, NULL);
-		LOG_TEST_RET(ctx, rv, "Cannot return to saved DF");
-		sc_file_free(save_current_df);
+		LOG_TEST_GOTO_ERR(ctx, rv, "Cannot return to saved DF");
 	}
 
 	if (save_current_ef)   {
 		sc_log(ctx, "iasecc_pin_get_policy() restore current EF");
 		rv = iasecc_select_file(card, &save_current_ef->path, NULL);
-		LOG_TEST_RET(ctx, rv, "Cannot return to saved EF");
-		sc_file_free(save_current_ef);
+		LOG_TEST_GOTO_ERR(ctx, rv, "Cannot return to saved EF");
 	}
 
+err:
+	sc_file_free(save_current_df);
+	sc_file_free(save_current_ef);
+
 	LOG_FUNC_RETURN(ctx, rv);
 }
 
diff --git a/src/pkcs15init/pkcs15-authentic.c b/src/pkcs15init/pkcs15-authentic.c
index af1110fa..ddccd032 100644
--- a/src/pkcs15init/pkcs15-authentic.c
+++ b/src/pkcs15init/pkcs15-authentic.c
@@ -560,20 +560,20 @@ authentic_pkcs15_create_key(struct sc_profile *profile, struct sc_pkcs15_card *p
 		p15card->card->caps &= ~SC_CARD_CAP_USE_FCI_AC;
 		rv = sc_pkcs15init_authenticate(profile, p15card, file_p_prvkey, SC_AC_OP_DELETE);
 		p15card->card->caps = caps;
-		LOG_TEST_RET(ctx, rv, "SC_AC_OP_CRYPTO authentication failed for parent DF");
+		LOG_TEST_GOTO_ERR(ctx, rv, "SC_AC_OP_CRYPTO authentication failed for parent DF");
 
 		rv = sc_card_ctl(card, SC_CARDCTL_AUTHENTIC_SDO_DELETE, sdo);
-		LOG_TEST_RET(ctx, rv, "SC_CARDCTL_AUTHENTIC_SDO_DELETE failed for private key");
+		LOG_TEST_GOTO_ERR(ctx, rv, "SC_CARDCTL_AUTHENTIC_SDO_DELETE failed for private key");
 
 		rv = sc_card_ctl(card, SC_CARDCTL_AUTHENTIC_SDO_CREATE, sdo);
 	}
-	LOG_TEST_RET(ctx, rv, "SC_CARDCTL_AUTHENTIC_SDO_CREATE failed");
+	LOG_TEST_GOTO_ERR(ctx, rv, "SC_CARDCTL_AUTHENTIC_SDO_CREATE failed");
 
 	rv = authentic_pkcs15_fix_access(p15card, file_p_prvkey, object);
-	LOG_TEST_RET(ctx, rv, "cannot fix access rules for private key");
+	LOG_TEST_GOTO_ERR(ctx, rv, "cannot fix access rules for private key");
 
 	rv = authentic_pkcs15_fix_usage(p15card, object);
-	LOG_TEST_RET(ctx, rv, "cannot fix access rules for private key");
+	LOG_TEST_GOTO_ERR(ctx, rv, "cannot fix access rules for private key");
 
 	/* Here fix the key's supported algorithms, if these ones will be implemented
 	 * (see src/libopensc/pkcs15-prkey.c).
@@ -583,8 +583,10 @@ authentic_pkcs15_create_key(struct sc_profile *profile, struct sc_pkcs15_card *p
 	sc_log(ctx, "sdo->file:%p", sdo->file);
 
 	rv = sc_pkcs15_allocate_object_content(ctx, object, (unsigned char *)sdo, sizeof(struct sc_authentic_sdo));
-	LOG_TEST_RET(ctx, rv, "Failed to allocate PrvKey SDO as object content");
+	LOG_TEST_GOTO_ERR(ctx, rv, "Failed to allocate PrvKey SDO as object content");
 
+err:
+	free(sdo);
 	LOG_FUNC_RETURN(ctx, rv);
 }
 
diff --git a/src/pkcs15init/pkcs15-oberthur-awp.c b/src/pkcs15init/pkcs15-oberthur-awp.c
index 4daf0ff0..f9c96373 100644
--- a/src/pkcs15init/pkcs15-oberthur-awp.c
+++ b/src/pkcs15init/pkcs15-oberthur-awp.c
@@ -1387,25 +1387,26 @@ awp_update_df_create_cert(struct sc_pkcs15_card *p15card, struct sc_profile *pro
 	sc_debug(ctx, SC_LOG_DEBUG_NORMAL,
 		 "Cert Der(%p,%"SC_FORMAT_LEN_SIZE_T"u)", der.value, der.len);
 	rv = awp_encode_cert_info(p15card, obj, &icert);
-	SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot encode info");
+	SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot encode info");
 
 	rv = awp_set_certificate_info(p15card, profile, info_file, &icert);
-	SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot set info");
+	SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot set info");
 
 	rv = awp_update_object_list(p15card, profile, SC_PKCS15_TYPE_CERT_X509, obj_id & 0xFF);
-	SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot update list");
+	SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot update list");
 
 	rv = awp_update_container(p15card, profile, SC_PKCS15_TYPE_CERT_X509, &icert.id, obj_id, &prvkey_id);
-	SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot update container");
+	SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot update container");
 
 	sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "PrvKeyID:%04X", prvkey_id);
 
 	if (prvkey_id)
 		rv = awp_update_key_info(p15card, profile, prvkey_id, &icert);
-	SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot update key info");
+	SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Cert' update DF failed: cannot update key info");
 
 	awp_free_cert_info(&icert);
 
+err:
 	sc_file_free(info_file);
 	sc_file_free(obj_file);