diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d02ae19d5..3ef5bed1f 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2171,7 +2171,9 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
 ellipticcurvelist_length += (*(sdata++));
 if (ellipticcurvelist_length != size - 2 ||
- ellipticcurvelist_length < 1)
+ ellipticcurvelist_length < 1 ||
+ /* Each NamedCurve is 2 bytes. */
+ ellipticcurvelist_length & 1)
 {
 *al = TLS1_AD_DECODE_ERROR;
 return 0;
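Review bot: The length bytes are read from `sdata` (the `+=` context line at the top of the hunk) before `size` is compared with anything, so the new parity test only runs after a possible over-read. Unless a check above the hunk already guarantees `size >= 2`, a truncated extension lets those reads run past its data, and `size - 2` is then evaluated on a too-small value. I would put `if (size < 2) { *al = TLS1_AD_DECODE_ERROR; return 0; }` ahead of the reads, which presumably sit just above the hunk. As a smaller style point, `(ellipticcurvelist_length & 1) != 0` states the odd-length intent more clearly than a bare bitwise term in an `||` chain. The enclosing function starts and ends outside the hunk, so the earlier bounds handling could not be confirmed from here.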