diff --git a/dlls/advapi32/security.c b/dlls/advapi32/security.c
index c8aeb3679b7..3d43f7f2309 100644
--- a/dlls/advapi32/security.c
+++ b/dlls/advapi32/security.c
@@ -202,6 +202,15 @@ CopySid( DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid )
 BOOL WINAPI
 IsValidSid( PSID pSid )
 {
+    if (IsBadReadPtr(pSid, 4))
+    {
+        WARN_(security)("(%p): invalid pointer!", pSid);
+        return FALSE;
+    }
+
+    if (pSid->SubAuthorityCount > SID_MAX_SUB_AUTHORITIES)
+        return FALSE;
+
     if (!pSid || pSid->Revision != SID_REVISION)
         return FALSE;