diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 511f891393..cf45cb882f 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -1393,6 +1393,12 @@ pg_SSPI_recvauth(Port *port)
 						(errcode(ERRCODE_PROTOCOL_VIOLATION),
 						 errmsg("expected SSPI response, got message type %d",
 								mtype)));
+			if (sspictx != NULL)
+			{
+				DeleteSecurityContext(sspictx);
+				free(sspictx);
+			}
+			FreeCredentialsHandle(&sspicred);
 			return STATUS_ERROR;
 		}
 
@@ -1402,6 +1408,12 @@ pg_SSPI_recvauth(Port *port)
 		{
 			/* EOF - pq_getmessage already logged error */
 			pfree(buf.data);
+			if (sspictx != NULL)
+			{
+				DeleteSecurityContext(sspictx);
+				free(sspictx);
+			}
+			FreeCredentialsHandle(&sspicred);
 			return STATUS_ERROR;
 		}
 
@@ -2517,6 +2529,7 @@ InitializeLDAPConnection(Port *port, LDAP **ldap)
 						(errmsg("could not load function _ldap_start_tls_sA in wldap32.dll"),
 						 errdetail("LDAP over SSL is not supported on this platform.")));
 				ldap_unbind(*ldap);
+				FreeLibrary(ldaphandle);
 				return STATUS_ERROR;
 			}
 
diff --git a/src/backend/port/win32_shmem.c b/src/backend/port/win32_shmem.c
index 30b07303ff..e8911a9999 100644
--- a/src/backend/port/win32_shmem.c
+++ b/src/backend/port/win32_shmem.c
@@ -576,6 +576,7 @@ pgwin32_ReserveSharedMemoryRegion(HANDLE hChild)
 		 */
 		elog(LOG, "reserved shared memory region got incorrect address %p, expected %p",
 			 address, ShmemProtectiveRegion);
+		VirtualFreeEx(hChild, address, 0, MEM_RELEASE);
 		return false;
 	}
 
@@ -592,6 +593,7 @@ pgwin32_ReserveSharedMemoryRegion(HANDLE hChild)
 	{
 		elog(LOG, "reserved shared memory region got incorrect address %p, expected %p",
 			 address, UsedShmemSegAddr);
+		VirtualFreeEx(hChild, address, 0, MEM_RELEASE);
 		return false;
 	}
 
diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
index 7a92dac525..8c10bbbabc 100644
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
@@ -4719,6 +4719,8 @@ retry:
 	if (cmdLine[sizeof(cmdLine) - 2] != '\0')
 	{
 		elog(LOG, "subprocess command line too long");
+		UnmapViewOfFile(param);
+		CloseHandle(paramHandle);
 		return -1;
 	}
 
@@ -4735,6 +4737,8 @@ retry:
 	{
 		elog(LOG, "CreateProcess call failed: %m (error code %lu)",
 			 GetLastError());
+		UnmapViewOfFile(param);
+		CloseHandle(paramHandle);
 		return -1;
 	}
 
@@ -4750,6 +4754,8 @@ retry:
 									 GetLastError())));
 		CloseHandle(pi.hProcess);
 		CloseHandle(pi.hThread);
+		UnmapViewOfFile(param);
+		CloseHandle(paramHandle);
 		return -1;				/* log made by save_backend_variables */
 	}
 
@@ -4839,6 +4845,7 @@ retry:
 	/* Don't close pi.hProcess here - the wait thread needs access to it */
 
 	CloseHandle(pi.hThread);
+	free(childinfo);
 
 	return pi.dwProcessId;
 }
diff --git a/src/backend/regex/rege_dfa.c b/src/backend/regex/rege_dfa.c
index 5695e158a5..f62770ba37 100644
--- a/src/backend/regex/rege_dfa.c
+++ b/src/backend/regex/rege_dfa.c
@@ -530,6 +530,8 @@ freedfa(struct dfa *d)
 
 	if (d->mallocarea != NULL)
 		FREE(d->mallocarea);
+
+	FREE(d);
 }
 
 /*
diff --git a/src/backend/regex/regexec.c b/src/backend/regex/regexec.c
index f7eaa76b02..cba5ecafe7 100644
--- a/src/backend/regex/regexec.c
+++ b/src/backend/regex/regexec.c
@@ -389,7 +389,11 @@ find(struct vars *v,
 	/* first, a shot with the search RE */
 	s = newdfa(v, &v->g->search, cm, &v->dfa1);
 	assert(!(ISERR() && s != NULL));
-	NOERR();
+	if (ISERR())
+	{
+		freedfa(s);
+		return v->err;
+	}
 	MDEBUG(("\nsearch at %ld\n", LOFF(v->start)));
 	cold = NULL;
 	close = shortest(v, s, v->search_start, v->search_start, v->stop,
@@ -473,7 +477,11 @@ cfind(struct vars *v,
 	int			ret;
 
 	s = newdfa(v, &v->g->search, cm, &v->dfa1);
-	NOERR();
+	if (ISERR())
+	{
+		freedfa(s);
+		return v->err;
+	}
 	d = newdfa(v, cnfa, cm, &v->dfa2);
 	if (ISERR())
 	{
diff --git a/src/common/logging.c b/src/common/logging.c
index c78ae793b8..982888eddb 100644
--- a/src/common/logging.c
+++ b/src/common/logging.c
@@ -78,11 +78,20 @@ pg_logging_init(const char *argv0)
 						value = e + 1;
 
 						if (strcmp(name, "error") == 0)
+						{
+							free(sgr_error);
 							sgr_error = strdup(value);
+						}
 						if (strcmp(name, "warning") == 0)
+						{
+							free(sgr_warning);
 							sgr_warning = strdup(value);
+						}
 						if (strcmp(name, "locus") == 0)
+						{
+							free(sgr_locus);
 							sgr_locus = strdup(value);
+						}
 					}
 				}
 
diff --git a/src/common/restricted_token.c b/src/common/restricted_token.c
index 74ba7192a1..15ba86d1a8 100644
--- a/src/common/restricted_token.c
+++ b/src/common/restricted_token.c
@@ -76,6 +76,7 @@ CreateRestrictedProcess(char *cmd, PROCESS_INFORMATION *processInfo)
 	if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &origToken))
 	{
 		pg_log_error("could not open process token: error code %lu", GetLastError());
+		FreeLibrary(Advapi32Handle);
 		return 0;
 	}
 
@@ -89,6 +90,8 @@ CreateRestrictedProcess(char *cmd, PROCESS_INFORMATION *processInfo)
 								  0, &dropSids[1].Sid))
 	{
 		pg_log_error("could not allocate SIDs: error code %lu", GetLastError());
+		CloseHandle(origToken);
+		FreeLibrary(Advapi32Handle);
 		return 0;
 	}
 
@@ -187,6 +190,7 @@ get_restricted_token(void)
 			}
 			exit(x);
 		}
+		free(cmdline);
 	}
 #endif
 }