diff --git a/src/libopensc/card-piv.c b/src/libopensc/card-piv.c
index a6f9fb63..9f5a46c4 100644
--- a/src/libopensc/card-piv.c
+++ b/src/libopensc/card-piv.c
@@ -55,6 +55,8 @@
 #endif
 #include "simpletlv.h"
 
+#define PIV_MAX_FILE_SIZE 65535
+
 enum {
 	PIV_OBJ_CCC = 0,
 	PIV_OBJ_CHUI,
@@ -960,6 +962,9 @@ piv_get_data(sc_card_t * card, int enumtag, u8 **buf, size_t *buf_len)
 	       "buffer for #%d *buf=0x%p len=%"SC_FORMAT_LEN_SIZE_T"u",
 	       enumtag, *buf, *buf_len);
 	if (*buf == NULL && *buf_len > 0) {
+		if (*buf_len > PIV_MAX_FILE_SIZE) {
+			goto err;
+		}
 		*buf = malloc(*buf_len);
 		if (*buf == NULL ) {
 			r = SC_ERROR_OUT_OF_MEMORY;