diff --git a/ChangeLog b/ChangeLog
index a6bcdf1de..b9f805392 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,8 @@ Security
 Bugfix
    * The length of various ClientKeyExchange messages was not properly checked.
    * Some example server programs were not sending the close_notify alert.
+   * Potential memory leak in mpi_exp_mod() when error occurs during
+     calculation of RR.
 
 = PolarSSL 1.3.5 released on 2014-03-26
 Features
diff --git a/library/bignum.c b/library/bignum.c
index 6d49caab5..012e9e3e4 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -1715,7 +1715,7 @@ cleanup:
 
     mpi_free( &W[1] ); mpi_free( &T ); mpi_free( &Apos );
 
-    if( _RR == NULL )
+    if( _RR == NULL || _RR->p == NULL )
         mpi_free( &RR );
 
     return( ret );