diff --git a/nbase/nbase_misc.c b/nbase/nbase_misc.c
index 9280f177f..75c5b6f1b 100644
--- a/nbase/nbase_misc.c
+++ b/nbase/nbase_misc.c
@@ -626,6 +626,10 @@ char *hexdump(const u8 *cp, u32 length){
 }
 }
 /* Allocate enough space to print the hex dump */
+ if (length > 16 * ((INT_MAX - 1) / LINE_LEN - 1)) {
+ /* Too big; would overflow INT_MAX bytes! */
+ return NULL;
+ }
 bytes2alloc=(length%16==0)? (1 + LINE_LEN * (length/16)) : (1 + LINE_LEN * (1+(length/16))) ;
 buffer=(char *)safe_zalloc(bytes2alloc);
 current_line=buffer;
diff --git a/nping/ProbeMode.cc b/nping/ProbeMode.cc
index a1991a688..08bc916f7 100644
--- a/nping/ProbeMode.cc
+++ b/nping/ProbeMode.cc
@@ -1682,8 +1682,10 @@ void ProbeMode::probe_nping_event_handler(nsock_pool nsp, nsock_event nse, void
 snprintf(final_output, sizeof(final_output), "RCVD (%.4fs) %s\n", o.stats.elapsedRuntime(t), buffer);
 if( o.getVerbosity() >= VB_3 ){
 hex=hexdump(packet, packetlen);
- strncat(final_output, hex, sizeof(final_output)-1);
- free(hex);
+ if (hex) {
+ strncat(final_output, hex, sizeof(final_output)-1);
+ free(hex);
+ }
 }
 prevtime=pcaptime;
@@ -1710,8 +1712,10 @@ void ProbeMode::probe_nping_event_handler(nsock_pool nsp, nsock_event nse, void
 snprintf(final_output, sizeof(final_output), "RCVD (%.4fs) %s\n", o.stats.elapsedRuntime(t), buffer);
 if( o.getVerbosity() >= VB_3 ){
 hex=hexdump(packet, packetlen);
- strncat(final_output, hex, sizeof(final_output)-1);
- free(hex);
+ if (hex) {
+ strncat(final_output, hex, sizeof(final_output)-1);
+ free(hex);
+ }
 }
 prevtime=pcaptime;
 o.stats.addRecvPacket(packetlen);
diff --git a/service_scan.cc b/service_scan.cc
index a758962d7..4224955e2 100644
--- a/service_scan.cc
+++ b/service_scan.cc
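Review bot: hexdump() in nbase/nbase_misc.c gains a NULL return for an oversized `length`, but the hunk does not update the function's documented contract, so callers cannot learn that they must check the result. I would add a line to the comment above the function (outside this hunk) such as `/* Returns NULL if length is too large for the dump size to fit in an int; otherwise the caller must free() the buffer. */`. Any caller not touched by this patch that passes the result straight to a `%s` format or to strncat() would dereference NULL, so it is worth searching for remaining unchecked uses. The guard also depends on INT_MAX, so `<limits.h>` has to be in scope for this file if it is not already.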
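Review bot: The `strncat(final_output, hex, sizeof(final_output)-1)` call kept inside the new `if (hex)` block in nping/ProbeMode.cc bounds the append by the whole buffer size, not by the space left after the snprintf() that already wrote the "RCVD ..." prefix, so a long dump of received packet data can write past the end of `final_output`. strncat's third argument is the maximum number of characters to append, so the bound should be `sizeof(final_output) - strlen(final_output) - 1`, assuming `final_output` is an array as the `sizeof` use suggests. The same line appears in the second hunk of this file (@@ -1710) and needs the same change. probe_nping_event_handler's body starts and ends outside both hunks, so the declared size of `final_output` is not visible here.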
@@ -546,7 +546,11 @@ const struct MatchDetails *ServiceProbeMatch::testMatch(const u8 *buf, int bufle
 pcre2_get_error_message(rc, (unsigned char *)info, SERVICE_EXTRA_LEN);
 error("PCRE2 error message: %s", info);
 if (o.debugging > 1) {
- error("Service data: \n%s", hexdump(buf, buflen));
+ char *hex = hexdump(buf, buflen);
+ if (hex) {
+ error("Service data: \n%s", hex);
+ free(hex);
+ }
 }
 }
 }
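Review bot: When hexdump() returns NULL, the debug branch in ServiceProbeMatch::testMatch now prints nothing, so a PCRE2 failure on an oversized buffer loses the "Service data" line with no hint as to why. An `else` arm such as `else error("Service data: <too large to hex-dump>");` would keep the log self-explanatory for whoever is diagnosing the failed match. The function body extends outside the hunk.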