diff --git a/src/transport.c b/src/transport.c
index 0a5d78a..5c2a16c 100644
--- a/src/transport.c
+++ b/src/transport.c
@@ -431,7 +431,12 @@ _libssh2_transport_read(LIBSSH2_SESSION * session)
 * and we can extract packet and padding length from it
 */
 p->packet_length = _libssh2_ntohu32(block);
+ if ((p->packet_length < 1) || (p->packet_length > PACKETBUFSIZE))
+ return PACKET_FAIL;
+
 p->padding_length = block[4];
+ if (p->padding_length < 0)
+ return PACKET_FAIL;
 
 /* total_num is the number of bytes following the initial
 (5 bytes) packet length and padding length fields */
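Review bot: The added `if (p->padding_length < 0)` test looks like it can never fire, so it rejects no peer-supplied padding value. `block[4]` is a single byte, and if `block` is an unsigned char buffer (its declaration is outside the hunk) the value is always 0–255. The bound that matters is against the packet length validated just above, e.g. `if (p->padding_length > p->packet_length - 1) return PACKET_FAIL;`, so that later length arithmetic on these untrusted fields cannot go negative or wrap. A short comment on the first check saying why `PACKETBUFSIZE` is the right upper limit for a peer-supplied `packet_length` would also help. `_libssh2_transport_read` begins and ends outside this hunk, so how `total_num` and the payload size are derived from these fields could not be checked here.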