From ce3f205cd64d9f4fab1e83bbbd4717d0a4d1f7da Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@thincast.com>
Date: Tue, 3 Mar 2026 12:30:26 +0100
Subject: [PATCH] [core,gateway] fix missing return checks

---
 libfreerdp/core/gateway/rdg.c | 3 ++-
 libfreerdp/core/gateway/tsg.c | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/libfreerdp/core/gateway/rdg.c b/libfreerdp/core/gateway/rdg.c
index bdab4035b..2f827c799 100644
--- a/libfreerdp/core/gateway/rdg.c
+++ b/libfreerdp/core/gateway/rdg.c
@@ -2233,7 +2233,8 @@ rdpRdg* rdg_new(rdpContext* context)
 	if (rdg->context->settings->GatewayAccessToken)
 		rdg->extAuth = HTTP_EXTENDED_AUTH_PAA;
 
-	UuidCreate(&rdg->guid);
+	if (UuidCreate(&rdg->guid) != RPC_S_OK)
+		goto rdg_alloc_error;
 
 	rdg->tlsOut = freerdp_tls_new(rdg->context);
 
diff --git a/libfreerdp/core/gateway/tsg.c b/libfreerdp/core/gateway/tsg.c
index 15012c90b..93d68e23a 100644
--- a/libfreerdp/core/gateway/tsg.c
+++ b/libfreerdp/core/gateway/tsg.c
@@ -1037,6 +1037,9 @@ static BOOL tsg_packet_quarenc_response_to_string(char** buffer, size_t* length,
 	if (!tsg_print(buffer, length, " "))
 		return FALSE;
 
+	if (UuidToStringA(&caps->nonce, &uuid) != RPC_S_OK)
+		return FALSE;
+
 	if (caps->certChainLen > 0)
 	{
 		if (caps->certChainLen > INT_MAX)
@@ -1047,7 +1050,6 @@ static BOOL tsg_packet_quarenc_response_to_string(char** buffer, size_t* length,
 	}
 
 	tsg_packet_versioncaps_to_string(&ptbuffer, &size, &caps->versionCaps);
-	UuidToStringA(&caps->nonce, &uuid);
 	if (strdata || (caps->certChainLen == 0))
 		rc =
 		    tsg_print(buffer, length,