diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c
index 84ddd0de5..36486b339 100644
--- a/src/plugins/crypto.c
+++ b/src/plugins/crypto.c
@@ -2598,12 +2598,14 @@ BDCryptoLUKSInfo* bd_crypto_luks_info (const gchar *device, GError **error) {
     if (ret != 0) {
         /* not a block device, try init_by_name */
         crypt_free (cd);
+        cd = NULL;
         ret = crypt_init_by_name (&cd, device);
     } else {
         ret = crypt_load (cd, CRYPT_LUKS, NULL);
         if (ret != 0) {
             /* not a LUKS device, try init_by_name */
             crypt_free (cd);
+            cd = NULL;
             ret = crypt_init_by_name (&cd, device);
         }
     }
@@ -2751,6 +2753,7 @@ BDCryptoIntegrityInfo* bd_crypto_integrity_info (const gchar *device, GError **e
     if (ret != 0) {
         /* not a block device, try init_by_name */
         crypt_free (cd);
+        cd = NULL;
         ret = crypt_init_by_name (&cd, device);
     } else {
         ret = crypt_load (cd, CRYPT_LUKS, NULL);
@@ -2759,6 +2762,7 @@ BDCryptoIntegrityInfo* bd_crypto_integrity_info (const gchar *device, GError **e
             ret = crypt_load (cd, CRYPT_INTEGRITY, NULL);
             if (ret != 0) {
                 crypt_free (cd);
+                cd = NULL;
                 ret = crypt_init_by_name (&cd, device);
             }
         }
@@ -2824,12 +2828,14 @@ BDCryptoLUKSTokenInfo** bd_crypto_luks_token_info (const gchar *device, GError *
     if (ret != 0) {
         /* not a block device, try init_by_name */
         crypt_free (cd);
+        cd = NULL;
         ret = crypt_init_by_name (&cd, device);
     } else {
         ret = crypt_load (cd, CRYPT_LUKS, NULL);
         if (ret != 0) {
             /* not a LUKS device, try init_by_name */
             crypt_free (cd);
+            cd = NULL;
             ret = crypt_init_by_name (&cd, device);
         }
     }
diff --git a/tests/crypto_test.py b/tests/crypto_test.py
index 32ba07e04..b33349a86 100644
--- a/tests/crypto_test.py
+++ b/tests/crypto_test.py
@@ -1128,6 +1128,10 @@ def _verify_luks_info(self, info, version):
     def test_luks_info(self):
         """Verify that we can get information about a LUKS device"""
 
+        with self.assertRaisesRegex(GLib.GError, "Failed to initialize device"):
+            # not a LUKS device
+            BlockDev.crypto_luks_info(self.loop_devs[0])
+
         ctx = BlockDev.CryptoKeyslotContext(passphrase=PASSWD)
         succ = BlockDev.crypto_luks_format(self.loop_devs[0], "aes-cbc-essiv:sha256", 256, ctx, 0)
         self.assertTrue(succ)
@@ -1430,6 +1434,9 @@ def test_luks2_integrity(self):
         if not BlockDev.utils_have_kernel_module("dm-integrity"):
             self.skipTest('dm-integrity kernel module not available, skipping.')
 
+        with self.assertRaisesRegex(GLib.GError, "Failed to initialize device"):
+            BlockDev.crypto_integrity_info(self.loop_devs[0])
+
         extra = BlockDev.CryptoLUKSExtra()
         extra.integrity = "hmac(sha256)"
 
@@ -1476,6 +1483,9 @@ def _verify_token_info (self, info):
     def test_luks2_token_info(self):
         """Verify that we can get information about LUKS2 tokens"""
 
+        with self.assertRaisesRegex(GLib.GError, "Failed to initialize device"):
+            BlockDev.crypto_luks_token_info(self.loop_devs[0])
+
         # the simple case with password
         self._luks2_format(self.loop_devs[0], PASSWD, None, fast_pbkdf=True)