diff --git a/core/c/mpw-marshall.c b/core/c/mpw-marshall.c
index b470d924..170274a5 100644
--- a/core/c/mpw-marshall.c
+++ b/core/c/mpw-marshall.c
@@ -51,8 +51,7 @@ MPMarshalledSite *mpw_marshall_site(
         MPMarshalledUser *marshalledUser,
         const char *siteName, const MPPasswordType siteType, const uint32_t siteCounter, const MPAlgorithmVersion algorithmVersion) {
 
-    if (!siteName || !(marshalledUser->sites =
-            realloc( marshalledUser->sites, sizeof( MPMarshalledSite ) * (++marshalledUser->sites_count) )))
+    if (!siteName || !mpw_realloc( &marshalledUser->sites, NULL, sizeof( MPMarshalledSite ) * ++marshalledUser->sites_count ))
         return NULL;
 
     MPMarshalledSite *site = &marshalledUser->sites[marshalledUser->sites_count - 1];
@@ -79,8 +78,7 @@ MPMarshalledSite *mpw_marshall_site(
 MPMarshalledQuestion *mpw_marshal_question(
         MPMarshalledSite *marshalledSite, const char *keyword) {
 
-    if (!keyword || !(marshalledSite->questions =
-            realloc( marshalledSite->questions, sizeof( MPMarshalledQuestion ) * (++marshalledSite->questions_count) )))
+    if (!keyword || !mpw_realloc( &marshalledSite->questions, NULL, sizeof( MPMarshalledQuestion ) * ++marshalledSite->questions_count ))
         return NULL;
 
     MPMarshalledQuestion *question = &marshalledSite->questions[marshalledSite->questions_count - 1];
@@ -176,7 +174,8 @@ static bool mpw_marshall_write_flat(
             }
             else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
                 content = mpw_decrypt( masterKey, site.content, site.algorithm );
-        } else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
+        }
+        else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
             // Redacted
             content = strdup( site.content );
 
diff --git a/core/c/mpw-util.c b/core/c/mpw-util.c
index 6e784f70..e95fc1a0 100644
--- a/core/c/mpw-util.c
+++ b/core/c/mpw-util.c
@@ -47,19 +47,16 @@ bool mpw_push_buf(uint8_t **const buffer, size_t *const bufferSize, const void *
         // The buffer was marked as broken, it is missing a previous push.  Abort to avoid corrupt content.
         return false;
 
-    *bufferSize += pushSize;
-    uint8_t *resizedBuffer = realloc( *buffer, *bufferSize );
-    if (!resizedBuffer) {
+    if (!mpw_realloc( buffer, bufferSize, pushSize )) {
         // realloc failed, we can't push.  Mark the buffer as broken.
-        mpw_free( *buffer, *bufferSize - pushSize );
+        mpw_free( *buffer, *bufferSize );
         *bufferSize = (size_t)ERR;
         *buffer = NULL;
         return false;
     }
 
-    *buffer = resizedBuffer;
-    uint8_t *pushDst = *buffer + *bufferSize - pushSize;
-    memcpy( pushDst, pushBuffer, pushSize );
+    uint8_t *bufferOffset = *buffer + *bufferSize - pushSize;
+    memcpy( bufferOffset, pushBuffer, pushSize );
     return true;
 }
 
@@ -94,6 +91,22 @@ bool mpw_push_int(uint8_t **const buffer, size_t *const bufferSize, const uint32
     return mpw_push_buf( buffer, bufferSize, &pushInt, sizeof( pushInt ) );
 }
 
+bool mpw_realloc(void **buffer, size_t *bufferSize, const size_t deltaSize) {
+
+    if (!buffer)
+        return false;
+
+    void *newBuffer = realloc( *buffer, (bufferSize? *bufferSize: 0) + deltaSize );
+    if (!newBuffer)
+        return false;
+
+    *buffer = newBuffer;
+    if (bufferSize)
+        *bufferSize += deltaSize;
+
+    return true;
+}
+
 bool mpw_free(const void *buffer, const size_t bufferSize) {
 
     if (!buffer)
@@ -257,7 +270,7 @@ const char *mpw_hex(const void *buf, size_t length) {
         mpw_hex_buf = calloc( 10, sizeof( char * ) );
     mpw_hex_buf_i = (mpw_hex_buf_i + 1) % 10;
 
-    mpw_hex_buf[mpw_hex_buf_i] = realloc( mpw_hex_buf[mpw_hex_buf_i], length * 2 + 1 );
+    if (mpw_realloc( &mpw_hex_buf[mpw_hex_buf_i], NULL, length * 2 + 1 ))
     for (size_t kH = 0; kH < length; kH++)
         sprintf( &(mpw_hex_buf[mpw_hex_buf_i][kH * 2]), "%02X", ((const uint8_t *)buf)[kH] );
 
diff --git a/core/c/mpw-util.h b/core/c/mpw-util.h
index 5769bcb1..09a3c517 100644
--- a/core/c/mpw-util.h
+++ b/core/c/mpw-util.h
@@ -112,6 +112,17 @@ bool mpw_string_pushf(
 /** Push an integer onto a buffer.  reallocs the given buffer and appends the given integer. */
 bool mpw_push_int(
         uint8_t **const buffer, size_t *const bufferSize, const uint32_t pushInt);
+/** Reallocate the given buffer from the given size by adding the delta size.
+  * On success, the buffer size pointer will be updated to the buffer's new size
+  * and the buffer pointer may be updated to a new memory address.
+  * On failure, the buffer and pointers will remain unaffected.
+  * @param buffer A pointer to the buffer to reallocate.
+  * @param bufferSize A pointer to the buffer's actual size.
+  * @param deltaSize The amount to increase the buffer's size by.
+  * @return true if successful, false if reallocation failed.
+  */
+bool mpw_realloc(
+        void **buffer, size_t *bufferSize, const size_t deltaSize);
 /** Free a buffer after zero'ing its contents. */
 bool mpw_free(
         const void *buffer, const size_t bufferSize);
diff --git a/platform-independent/cli-c/cli/mpw-cli.c b/platform-independent/cli-c/cli/mpw-cli.c
index 426520ac..ac6e8c9a 100644
--- a/platform-independent/cli-c/cli/mpw-cli.c
+++ b/platform-independent/cli-c/cli/mpw-cli.c
@@ -215,10 +215,10 @@ int main(int argc, char *const argv[]) {
     // Read the user's sites file.
     if (mpwSites) {
         // Read file.
-        size_t readAmount = 4096, bufSize = 0, bufPointer = 0, readSize = 0;
+        size_t readAmount = 4096, bufSize = 0, bufOffset = 0, readSize = 0;
         char *buf = NULL;
-        while ((buf = realloc( buf, bufSize += readAmount )) &&
-               (bufPointer += (readSize = fread( buf + bufPointer, 1, readAmount, mpwSites ))) &&
+        while ((mpw_realloc( &buf, &bufSize, readAmount )) &&
+               (bufOffset += (readSize = fread( buf + bufOffset, 1, readAmount, mpwSites ))) &&
                (readSize == readAmount));
         if (ferror( mpwSites ))
             wrn( "Error while reading configuration file:\n  %s: %d\n", mpwSitesPath, ferror( mpwSites ) );
@@ -227,7 +227,7 @@ int main(int argc, char *const argv[]) {
         // Parse file.
         MPMarshallError marshallError = { MPMarshallSuccess };
         MPMarshalledUser *user = mpw_marshall_read( buf, mpwSitesFormat, masterPassword, &marshallError );
-        mpw_free_string( buf );
+        mpw_free( buf, bufSize );
         if (!user || marshallError.type != MPMarshallSuccess) {
             if (marshallError.type == MPMarshallErrorMasterPassword) {
                 ftl( "Incorrect master password according to configuration:\n  %s: %s\n", mpwSitesPath, marshallError.description );