diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c
index 141c8db487..43f7c0e15e 100644
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -123,6 +123,8 @@ ldap_back_bind(
 		} else {
 			ber_dupbv( &lc->bound_dn, &op->o_req_dn );
 		}
+		mdn.bv_val = NULL;
+
 		if ( li->savecred ) {
 			if ( lc->cred.bv_val )
 				ch_free( lc->cred.bv_val );
@@ -149,6 +151,10 @@ ldap_back_bind(
 		}
 	}
 
+	if ( mdn.bv_val && mdn.bv_val != op->o_req_dn.bv_val ) {
+		free( mdn.bv_val );
+	}
+
 	return( rc );
 }
 
@@ -262,6 +268,7 @@ ldap_back_getconn(Operation *op, SlapReply *rs)
 	} else {
 		lc_curr.local_dn = op->o_ndn;
 	}
+
 	ldap_pvt_thread_mutex_lock( &li->conn_mutex );
 	lc = (struct ldapconn *)avl_find( li->conntree, 
 		(caddr_t)&lc_curr, ldap_back_conn_cmp );
@@ -278,6 +285,7 @@ ldap_back_getconn(Operation *op, SlapReply *rs)
 				rs->sr_text = "ldap_initialize() failed";
 			}
 			send_ldap_result( op, rs );
+			rs->sr_text = NULL;
 			return( NULL );
 		}
 		/* Set LDAP version. This will always succeed: If the client
@@ -516,7 +524,6 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op, SlapReply *rs,
 	struct ldapinfo *li = (struct ldapinfo *)op->o_bd->be_private;
 	char *match = NULL;
 	LDAPMessage *res;
-	int rc;
 	char *text = NULL;
 
 	rs->sr_text = NULL;
@@ -527,8 +534,8 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op, SlapReply *rs,
 			ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER,
 					&rs->sr_err);
 		} else {
-			rc = ldap_parse_result(lc->ld, res, &rs->sr_err, &match,
-				&text, NULL, NULL, 1);
+			int rc = ldap_parse_result(lc->ld, res, &rs->sr_err,
+					&match, &text, NULL, NULL, 1);
 			rs->sr_text = text;
 			if (rc != LDAP_SUCCESS) rs->sr_err = rc;
 		}
@@ -564,9 +571,13 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op, SlapReply *rs,
 	if (op->o_conn && (sendok || rs->sr_err != LDAP_SUCCESS)) {
 		send_ldap_result( op, rs );
 	}
-	if (rs->sr_matched != match) free((char *)rs->sr_matched);
-	rs->sr_matched = NULL;
-	if ( match ) ldap_memfree( match );
+	if ( match ) {
+		if ( rs->sr_matched != match ) {
+			free( (char *)rs->sr_matched );
+		}
+		rs->sr_matched = NULL;
+		ldap_memfree( match );
+	}
 	if ( text ) {
 		ldap_memfree( text );
 	}
diff --git a/servers/slapd/back-ldap/compare.c b/servers/slapd/back-ldap/compare.c
index 7951a16916..14e7f1ce28 100644
--- a/servers/slapd/back-ldap/compare.c
+++ b/servers/slapd/back-ldap/compare.c
@@ -54,7 +54,6 @@ ldap_back_compare(
 	struct ldapconn *lc;
 	struct berval mapped_oc, mapped_at;
 	struct berval mdn = { 0, NULL };
-	int rc;
 	ber_int_t msgid;
 
 	lc = ldap_back_getconn(op, rs);
diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c
index 0e141a9efd..5991d996a9 100644
--- a/servers/slapd/back-ldap/search.c
+++ b/servers/slapd/back-ldap/search.c
@@ -242,17 +242,21 @@ fail:;
 			e = ldap_first_entry(lc->ld,res);
 			if ( ldap_build_entry(op, e, &ent, &bdn,
 						LDAP_BUILD_ENTRY_PRIVATE) == LDAP_SUCCESS ) {
-				Attribute *a;
 				rs->sr_entry = &ent;
 				rs->sr_attrs = op->oq_search.rs_attrs;
 				send_search_entry( op, rs );
 				while (ent.e_attrs) {
+					Attribute *a;
+					BerVarray v;
+
 					a = ent.e_attrs;
 					ent.e_attrs = a->a_next;
+
+					v = a->a_vals;
 					if (a->a_vals != &dummy)
 						ber_bvarray_free(a->a_vals);
 #ifdef SLAP_NVALUES
-					if (a->a_nvals != a->a_vals)
+					if (a->a_nvals != v)
 						ber_bvarray_free(a->a_nvals);
 #endif
 					ch_free(a);
@@ -499,13 +503,7 @@ ldap_build_entry(
 			 * later, the local subschemaSubentry is
 			 * added.
 			 */
-			if ( ber_scanf( &ber, "[W]", &vals ) != LBER_ERROR
-					&& vals != NULL ) {
-				for ( bv = vals; bv->bv_val; bv++ ) {
-					LBER_FREE( bv->bv_val );
-				}
-				LBER_FREE( vals );
-			}
+			( void )ber_scanf( &ber, "x" /* [W] */ );
 
 			ch_free(attr);
 			continue;
@@ -678,7 +676,7 @@ ldap_back_entry_get(
 	struct berval mapped = { 0, NULL }, bdn, mdn;
 	LDAPMessage	*result = NULL, *e = NULL;
 	char *gattr[3];
-	char *filter;
+	char *filter = NULL;
 	Connection *oconn;
 	SlapReply rs;
 
@@ -730,7 +728,8 @@ ldap_back_entry_get(
 
 	ldap_back_map(&li->at_map, &at->ad_cname, &mapped, BACKLDAP_MAP);
 	if (mapped.bv_val == NULL || mapped.bv_val[0] == '\0') {
-		return 1;
+		rc = 1;
+		goto cleanup;
 	}
 
 	is_oc = (strcasecmp("objectclass", mapped.bv_val) == 0);
@@ -751,8 +750,6 @@ ldap_back_entry_get(
 		ptr = lutil_strcopy(ptr, mapped.bv_val);
 		*ptr++ = ')';
 		*ptr++ = '\0';
-	} else {
-		filter = "(objectclass=*)";
 	}
 		
 	if (ldap_search_ext_s(lc->ld, mdn.bv_val, LDAP_SCOPE_BASE, filter,
@@ -780,6 +777,10 @@ cleanup:
 		ldap_msgfree(result);
 	}
 
+	if ( filter ) {
+		ch_free( filter );
+	}
+
 	if ( mdn.bv_val != ndn->bv_val ) {
 		ch_free( mdn.bv_val );
 	}