diff --git a/src/bdecode.cpp b/src/bdecode.cpp
index f0b8046ab..0d1aa96d0 100644
--- a/src/bdecode.cpp
+++ b/src/bdecode.cpp
@@ -836,7 +836,10 @@ namespace libtorrent
 start = parse_int(start, end, ':', len, e);
 if (e)
 TORRENT_FAIL_BDECODE(e);
- if (start + len + 1 > end)
+
+ // remaining buffer size excluding ':'
+ const ptrdiff_t buff_size = end - start - 1;
+ if (len > buff_size)
 TORRENT_FAIL_BDECODE(bdecode_errors::unexpected_eof);
 if (len < 0)
 TORRENT_FAIL_BDECODE(bdecode_errors::overflow);
diff --git a/test/test_bdecode.cpp b/test/test_bdecode.cpp
index 4f9d7164d..593ccc05f 100644
--- a/test/test_bdecode.cpp
+++ b/test/test_bdecode.cpp
@@ -721,6 +721,27 @@ TORRENT_TEST(parse_int_overflow)
 TEST_EQUAL(e, b + 18);
 }
 
+TORRENT_TEST(parse_length_overflow)
+{
+ char const* b[] = {
+ "d1:a1919191010:11111",
+ "d2143289344:a4:aaaae",
+ "d214328934114:a4:aaaae",
+ "d9205357638345293824:a4:aaaae",
+ "d1:a9205357638345293824:11111",
+ };
+
+ for (int i = 0; i < sizeof(b)/sizeof(b[0]); ++i)
+ {
+ error_code ec;
+ bdecode_node e;
+ int ret = bdecode(b[i], b[i] + strlen(b[i]), e, ec);
+ TEST_EQUAL(ret, -1);
+ TEST_CHECK(ec == error_code(bdecode_errors::unexpected_eof));
+ }
+}
+
+
 TORRENT_TEST(expected_colon_string)
 {
 char b[] = "928";
diff --git a/test/test_bencoding.cpp b/test/test_bencoding.cpp
index f7aebf860..7500d2fbc 100644
--- a/test/test_bencoding.cpp
+++ b/test/test_bencoding.cpp
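Review bot: The comment above `const ptrdiff_t buff_size = end - start - 1;` says what the value is but not why the check was rewritten, and that is the part a future maintainer needs: the removed `start + len + 1 > end` built a pointer from a length taken straight from the untrusted input, which can wrap past `end` (undefined behaviour) and let an oversized string length through the bounds check. I would state it, e.g. `// compare lengths, not pointers: start + len can wrap for a hostile len, so the pointer form was not a safe bound`. The `if (len < 0)` test would also read more naturally before `if (len > buff_size)`, since a negative `len` passes the first comparison only to be rejected on the next line; either order is correct as written. `buff_size` appears to be non-negative only because a missing ':' is already rejected by the `if (e)` check above (start would then be at `end`) — that is inferred from the surrounding lines rather than shown, and the declaration of `len` and the enclosing function both lie outside the hunk.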
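Review bot: `for (int i = 0; i < sizeof(b)/sizeof(b[0]); ++i)` in the new parse_length_overflow test compares a signed index against a `size_t`, which trips -Wsign-compare on the project's warning-clean builds; the same loop is copied into the test_bencoding.cpp hunk below. `for (std::size_t i = 0; i < sizeof(b)/sizeof(b[0]); ++i)` fixes both. The five inputs deserve a one-line comment explaining what they exercise, since "overflow" in the test name differs from the `unexpected_eof` they assert: `// string lengths large enough that start + len would have wrapped past end before the length check was rewritten`. The test also does not cover the `len < 0` branch that reports `bdecode_errors::overflow`; if parse_int accepts a leading '-', a sixth input would pin that path.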
@@ -585,6 +585,28 @@ TORRENT_TEST(bencoding)
 char const* e = parse_int(b, b + sizeof(b)-1, ':', val, ec);
 TEST_CHECK(ec == bdecode_errors::expected_colon);
 }
 
+
+ {
+ char const* b[] = {
+ "d1:a1919191010:11111",
+ "d2143289344:a4:aaaae",
+ "d214328934114:a4:aaaae",
+ "d9205357638345293824:a4:aaaae",
+ "d1:a9205357638345293824:11111",
+ };
+
+ for (int i = 0; i < sizeof(b)/sizeof(b[0]); ++i)
+ {
+ lazy_entry e;
+ error_code ec;
+ int ret = lazy_bdecode(b[i], b[i] + strlen(b[i]), e, ec, NULL);
+ TEST_EQUAL(ret, -1);
+ TEST_CHECK(ec == error_code(bdecode_errors::unexpected_eof));
+ printf("%s\n", print_entry(e).c_str());
+ }
+ }
+
+
 #endif // TORRENT_NO_DEPRECATE
 }
diff --git a/test/test_heterogeneous_queue.cpp b/test/test_heterogeneous_queue.cpp
index 999d6ff08..1cf201aff 100644
--- a/test/test_heterogeneous_queue.cpp
+++ b/test/test_heterogeneous_queue.cpp
@@ -102,6 +102,7 @@ struct F
 , f(f_.f)
 , constructed(f_.constructed)
 , destructed(f_.destructed)
+ , gutted(f_.gutted)
 {
 TEST_EQUAL(f_.constructed, true);
 TEST_EQUAL(f_.destructed, false);
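Review bot: `printf("%s\n", print_entry(e).c_str());` prints the partially decoded `lazy_entry` of an input the test has just asserted to fail, which is debug output rather than a check, and the bdecode_node version of this loop in test_bdecode.cpp does not print. Either drop the line or turn it into an assertion on what `print_entry` returns for a failed decode, so the two tests stay parallel. The new block is a bare brace scope inside TORRENT_TEST(bencoding), whose start is outside the hunk; a short comment at its top would say what it covers, e.g. `// string lengths that would have wrapped start + len past end in lazy_bdecode`.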