diff --git a/documentation/RELEASE_NOTES.html b/documentation/RELEASE_NOTES.html
index f4912390e..3d8747947 100644
--- a/documentation/RELEASE_NOTES.html
+++ b/documentation/RELEASE_NOTES.html
@@ -13,6 +13,15 @@
+

Reject NULL callback functions in ca_array_*_callback

+ +

The two CA routines ca_array_get_callback() and ca_array_put_callback() were +not checking the pfunc callback function argument for NULL. Passing in a NULL +would cause the client library to segfault when the callback was called. Doing +this will now result in the error status ECA_BADFUNCPTR being returned. This +chage fixes Launchpad bug +1369626.

+

Support for Solaris 11

The build rules have been updated to support Solaris 11. Note that APS staff
diff --git a/src/ca/getCallback.cpp b/src/ca/getCallback.cpp
index 05e654e30..0fc050043 100644
--- a/src/ca/getCallback.cpp
+++ b/src/ca/getCallback.cpp
@@ -57,9 +57,9 @@ void getCallback::completion (
 // fetch client context and destroy prior to releasing
 // the lock and calling cb in case they destroy channel there
 this->chan.getClientCtx().destroyGetCallback ( guard, *this );
- {
+ if ( pFuncTmp ) {
 epicsGuardRelease < epicsMutex > unguard ( guard );
- ( *pFuncTmp ) ( args );
+ pFuncTmp ( args );
 }
 }
diff --git a/src/ca/oldChannelNotify.cpp b/src/ca/oldChannelNotify.cpp
index 289c4e8b4..1a63f8273 100644
--- a/src/ca/oldChannelNotify.cpp
+++ b/src/ca/oldChannelNotify.cpp
@@ -343,6 +343,9 @@ int epicsShareAPI ca_array_get_callback ( chtype type,
 if ( type < 0 ) {
 return ECA_BADTYPE;
 }
+ if ( pfunc == NULL ) {
+ return ECA_BADFUNCPTR;
+ }
 unsigned tmpType = static_cast < unsigned > ( type );
 epicsGuard < epicsMutex > guard ( pChan->cacCtx.mutexRef () );
@@ -416,6 +419,9 @@ int epicsShareAPI ca_array_put_callback ( chtype type, arrayElementCount count,
 if ( type < 0 ) {
 return ECA_BADTYPE;
 }
+ if ( pfunc == NULL ) {
+ return ECA_BADFUNCPTR;
+ }
 epicsGuard < epicsMutex > guard ( pChan->cacCtx.mutexRef () );
 pChan->eliminateExcessiveSendBacklog ( guard );
 unsigned tmpType = static_cast < unsigned > ( type );
diff --git a/src/ca/putCallback.cpp b/src/ca/putCallback.cpp
index ba17a654c..85fcaeb7f 100644
--- a/src/ca/putCallback.cpp
+++ b/src/ca/putCallback.cpp
@@ -57,9 +57,9 @@ void putCallback::completion ( epicsGuard < epicsMutex > & guard )
 // fetch client context and destroy prior to releasing
 // the lock and calling cb in case they destroy channel there
 this->chan.getClientCtx().destroyPutCallback ( guard, *this );
- {
+ if ( pFuncTmp ) {
 epicsGuardRelease < epicsMutex > unguard ( guard );
- ( *pFuncTmp ) ( args );
+ pFuncTmp ( args );
 }
 }
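Review bot: The `if ( pFuncTmp )` guard in getCallback::completion silently drops the completion when the stored pointer is NULL, and nothing at the call site says why that can still happen now that ca_array_get_callback() returns ECA_BADFUNCPTR for a NULL pfunc. A short comment above the guard would record the intent, for example `// defence in depth: NULL is rejected at the API, never call through a NULL pointer`. If this class also invokes the stored pointer from a failure or exception path, which is not visible in this hunk, that call needs the same guard or a NULL can still crash the client there. The same points apply to the putCallback::completion hunk; both function bodies start outside their hunks.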
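Review bot: The new `pfunc == NULL` check in ca_array_get_callback, and the identical one in the ca_array_put_callback hunk, has no regression test in this diff, which touches only the release notes and three source files. A test that passes a NULL pfunc to both routines and asserts ECA_BADFUNCPTR would keep the early return from being lost in a later refactor. The check would also benefit from a comment saying why it sits at the API boundary, for example `// reject NULL here: the callback is invoked later from completion(), where a NULL would crash the client`. Both function bodies start and end outside their hunks.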