diff --git a/src/pk/ecc/ecc_ansi_x963_export.c b/src/pk/ecc/ecc_ansi_x963_export.c
index 09dae07..f195a8e 100644
--- a/src/pk/ecc/ecc_ansi_x963_export.c
+++ b/src/pk/ecc/ecc_ansi_x963_export.c
@@ -32,7 +32,7 @@
 int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen)
 {
    unsigned char buf[ECC_BUF_SIZE];
-   unsigned long numlen;
+   unsigned long numlen, xlen, ylen;
 
    LTC_ARGCHK(key    != NULL);
    LTC_ARGCHK(out    != NULL);
@@ -42,6 +42,12 @@ int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen
       return CRYPT_INVALID_ARG;
    }
    numlen = key->dp->size;
+   xlen = mp_unsigned_bin_size(key->pubkey.x);
+   ylen = mp_unsigned_bin_size(key->pubkey.y);
+
+   if (xlen > numlen || ylen > numlen || sizeof(buf) < numlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
 
    if (*outlen < (1 + 2*numlen)) {
       *outlen = 1 + 2*numlen;
@@ -53,12 +59,12 @@ int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen
 
    /* pad and store x */
    zeromem(buf, sizeof(buf));
-   mp_to_unsigned_bin(key->pubkey.x, buf + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
+   mp_to_unsigned_bin(key->pubkey.x, buf + (numlen - xlen));
    XMEMCPY(out+1, buf, numlen);
 
    /* pad and store y */
    zeromem(buf, sizeof(buf));
-   mp_to_unsigned_bin(key->pubkey.y, buf + (numlen - mp_unsigned_bin_size(key->pubkey.y)));
+   mp_to_unsigned_bin(key->pubkey.y, buf + (numlen - ylen));
    XMEMCPY(out+1+numlen, buf, numlen);
 
    *outlen = 1 + 2*numlen;