diff --git a/libfreerdp/core/certificate.c b/libfreerdp/core/certificate.c
index 233ca8ff4..fcc3f01bf 100644
--- a/libfreerdp/core/certificate.c
+++ b/libfreerdp/core/certificate.c
@@ -717,13 +717,7 @@ void key_free(rdpRsaKey* key)
 
 rdpCertificate* certificate_new()
 {
-	rdpCertificate* certificate;
-
-	certificate = (rdpCertificate*) calloc(1, sizeof(rdpCertificate));
-	if (!certificate)
-		return NULL;
-
-	return certificate;
+	return (rdpCertificate*) calloc(1, sizeof(rdpCertificate));
 }
 
 /**
diff --git a/libfreerdp/core/gcc.c b/libfreerdp/core/gcc.c
index 9d8932aef..d9c6fe67a 100644
--- a/libfreerdp/core/gcc.c
+++ b/libfreerdp/core/gcc.c
@@ -982,37 +982,31 @@ BOOL gcc_read_server_security_data(wStream* s, rdpMcs* mcs)
 	if (Stream_GetRemainingLength(s) < settings->ServerRandomLength + settings->ServerCertificateLength)
 		return FALSE;
 
-	if (settings->ServerRandomLength > 0)
-	{
-		/* serverRandom */
-		settings->ServerRandom = (BYTE*) malloc(settings->ServerRandomLength);
-		Stream_Read(s, settings->ServerRandom, settings->ServerRandomLength);
-	}
-	else
-	{
+	if ((settings->ServerRandomLength <= 0) || (settings->ServerCertificateLength <= 0))
 		return FALSE;
-	}
 
-	if (settings->ServerCertificateLength > 0)
-	{
-		/* serverCertificate */
-		settings->ServerCertificate = (BYTE*) malloc(settings->ServerCertificateLength);
-		Stream_Read(s, settings->ServerCertificate, settings->ServerCertificateLength);
-
-		certificate_free(settings->RdpServerCertificate);
-		settings->RdpServerCertificate = certificate_new();
-		data = settings->ServerCertificate;
-		length = settings->ServerCertificateLength;
-
-		if (certificate_read_server_certificate(settings->RdpServerCertificate, data, length) < 1)
-			return FALSE;
-	}
-	else
-	{
+	/* serverRandom */
+	settings->ServerRandom = (BYTE*) malloc(settings->ServerRandomLength);
+	if (!settings->ServerRandom)
 		return FALSE;
-	}
+	Stream_Read(s, settings->ServerRandom, settings->ServerRandomLength);
 
-	return TRUE;
+
+	/* serverCertificate */
+	settings->ServerCertificate = (BYTE*) malloc(settings->ServerCertificateLength);
+	if (!settings->ServerCertificate)
+		return FALSE;
+	Stream_Read(s, settings->ServerCertificate, settings->ServerCertificateLength);
+
+	certificate_free(settings->RdpServerCertificate);
+	settings->RdpServerCertificate = certificate_new();
+	if (!settings->RdpServerCertificate)
+		return FALSE;
+
+	data = settings->ServerCertificate;
+	length = settings->ServerCertificateLength;
+
+	return certificate_read_server_certificate(settings->RdpServerCertificate, data, length);
 }
 
 static const BYTE initial_signature[] =