diff --git a/os/net/app-layer/coap/coap.c b/os/net/app-layer/coap/coap.c
index 0823576f8..da466e6d7 100644
--- a/os/net/app-layer/coap/coap.c
+++ b/os/net/app-layer/coap/coap.c
@@ -529,6 +529,21 @@ coap_parse_message(void *packet, uint8_t *data, uint16_t data_len)
       ++current_option;
     }
 
+    if(current_option + option_length > data + data_len) {
+      /* Malformed CoAP - out of bounds */
+      PRINTF("BAD REQUEST: options outside data packet: %u > %u\n",
+             (unsigned)(current_option + option_length - data), data_len);
+      return BAD_REQUEST_4_00;
+    }
+
+     option_number += option_delta;
+
+    if(option_number > COAP_OPTION_SIZE1) {
+      /* Malformed CoAP - out of bounds */
+      PRINTF("BAD REQUEST: option number too large: %u\n", option_number);
+      return BAD_REQUEST_4_00;
+    }
+
     option_number += option_delta;
 
     PRINTF("OPTION %u (delta %u, len %zu): ", option_number, option_delta,