diff --git a/src/Packet.cpp b/src/Packet.cpp
index 2d54ca459..e0bae3f2b 100644
--- a/src/Packet.cpp
+++ b/src/Packet.cpp
@@ -39,9 +39,11 @@ uint8_t Packet::writeTo(uint8_t dest[]) const {
 }
 
 bool Packet::readFrom(const uint8_t src[], uint8_t len) {
+  if (len < 2) return false;  // minimum: header + path_len
   uint8_t i = 0;
   header = src[i++];
   if (hasTransportCodes()) {
+    if (i + 4 >= len) return false;  // need 4 transport bytes + the path_len byte
     memcpy(&transport_codes[0], &src[i], 2); i += 2;
     memcpy(&transport_codes[1], &src[i], 2); i += 2;
   } else {
@@ -49,8 +51,8 @@ bool Packet::readFrom(const uint8_t src[], uint8_t len) {
   }
   path_len = src[i++];
   if (path_len > sizeof(path)) return false;   // bad encoding
+  if (i + path_len >= len) return false;  // path + at least 1 byte payload must fit
   memcpy(path, &src[i], path_len); i += path_len;
-  if (i >= len) return false;   // bad encoding
   payload_len = len - i;
   if (payload_len > sizeof(payload)) return false;  // bad encoding
   memcpy(payload, &src[i], payload_len); //i += payload_len;