diff --git a/lib/asn1/der_get.c b/lib/asn1/der_get.c
index 45415c6c4..99b8e782d 100644
--- a/lib/asn1/der_get.c
+++ b/lib/asn1/der_get.c
@@ -252,6 +252,8 @@ decode_integer (const unsigned char *p, size_t len,
     p += l;
     len -= l;
     ret += l;
+    if (reallen > len)
+	return ASN1_OVERRUN;
     e = der_get_int (p, reallen, num, &l);
     if (e) return e;
     p += l;
@@ -279,6 +281,8 @@ decode_unsigned (const unsigned char *p, size_t len,
     p += l;
     len -= l;
     ret += l;
+    if (reallen > len)
+	return ASN1_OVERRUN;
     e = der_get_unsigned (p, reallen, num, &l);
     if (e) return e;
     p += l;