diff --git a/src/libopensc/card-piv.c b/src/libopensc/card-piv.c
index e2a6eeed..e85dfc45 100644
--- a/src/libopensc/card-piv.c
+++ b/src/libopensc/card-piv.c
@@ -898,7 +898,7 @@ static int piv_read_obj_from_file(sc_card_t * card, char * filename,
 goto err;
 }
 memcpy(*buf, tagbuf, len); /* copy first or only part */
- if (rbuflen > len) {
+ if (rbuflen > len + sizeof(tagbuf)) {
 len = read(f, *buf + sizeof(tagbuf), rbuflen - sizeof(tagbuf)); /* read rest */
 if (len != rbuflen - sizeof(tagbuf)) {
 r = SC_ERROR_INVALID_ASN1_OBJECT;
diff --git a/src/libopensc/muscle.c b/src/libopensc/muscle.c
index 311edd90..36139be4 100644
--- a/src/libopensc/muscle.c
+++ b/src/libopensc/muscle.c
@@ -617,6 +617,8 @@ int msc_extract_rsa_public_key(sc_card_t *card,
 if(!*modulus) SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY);
 memcpy(*modulus, buffer, *modLength);
 *expLength = (buffer[*modLength] << 8) | buffer[*modLength + 1];
+ if (*expLength > sizeof buffer)
+ return SC_ERROR_OUT_OF_MEMORY;
 r = msc_read_object(card, inputId, fileLocation, buffer, *expLength);
 if(r < 0) {
 free(*modulus); *modulus = NULL;
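Review bot: In piv_read_obj_from_file (card-piv.c hunk) the `memcpy(*buf, tagbuf, len)` directly above the changed condition still copies `len` bytes without comparing `len` to `rbuflen`. If `*buf` is allocated with `rbuflen` bytes (the allocation is outside this hunk, so that is an assumption), a file whose encoded object length is smaller than the bytes already read into `tagbuf` writes past the heap buffer; clamping the copy, `memcpy(*buf, tagbuf, len < rbuflen ? len : rbuflen);`, would close that. Separately, the new test `rbuflen > len + sizeof(tagbuf)` skips the second `read()` whenever `rbuflen` lies between `len + 1` and `len + sizeof(tagbuf)`, so the tail of such an object appears to be left unread; something like `if (len == sizeof(tagbuf) && rbuflen > sizeof(tagbuf))` looks closer to the intent, but should be checked against the rest of the function, which starts and ends outside the hunk.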
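Review bot: The new early return in msc_extract_rsa_public_key (muscle.c hunk) leaks `*modulus`: the `if(!*modulus)` check and the `memcpy(*modulus, ...)` above show it is already allocated and filled, and the `r < 0` branch just below frees it and resets the pointer, which this path skips. Mirror that cleanup and use the file's return macro: `if (*expLength > sizeof buffer) { free(*modulus); *modulus = NULL; SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_DATA); }`, since an oversized length reported by the card is malformed data rather than an allocation failure. Also, `buffer[*modLength]` and `buffer[*modLength + 1]` are indexed before any bound on `*modLength` is visible in this hunk; confirm it is checked against `sizeof buffer` earlier in the function, which begins outside the hunk.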