diff --git a/src/pk/ecc/ecc_ansi_x963_export.c b/src/pk/ecc/ecc_ansi_x963_export.c
index 09dae07..e834c95 100644
--- a/src/pk/ecc/ecc_ansi_x963_export.c
+++ b/src/pk/ecc/ecc_ansi_x963_export.c
@@ -19,7 +19,7 @@
 /**
   @file ecc_ansi_x963_export.c
   ECC Crypto, Tom St Denis
-*/  
+*/
 
 #ifdef LTC_MECC
 
@@ -32,33 +32,40 @@
 int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen)
 {
    unsigned char buf[ECC_BUF_SIZE];
-   unsigned long numlen;
+   unsigned long numlen, xlen, ylen;
 
    LTC_ARGCHK(key    != NULL);
-   LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
 
    if (ltc_ecc_is_valid_idx(key->idx) == 0) {
       return CRYPT_INVALID_ARG;
    }
    numlen = key->dp->size;
+   xlen = mp_unsigned_bin_size(key->pubkey.x);
+   ylen = mp_unsigned_bin_size(key->pubkey.y);
+
+   if (xlen > numlen || ylen > numlen || sizeof(buf) < numlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
 
    if (*outlen < (1 + 2*numlen)) {
       *outlen = 1 + 2*numlen;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
+   LTC_ARGCHK(out    != NULL);
+
    /* store byte 0x04 */
    out[0] = 0x04;
 
    /* pad and store x */
    zeromem(buf, sizeof(buf));
-   mp_to_unsigned_bin(key->pubkey.x, buf + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
+   mp_to_unsigned_bin(key->pubkey.x, buf + (numlen - xlen));
    XMEMCPY(out+1, buf, numlen);
 
    /* pad and store y */
    zeromem(buf, sizeof(buf));
-   mp_to_unsigned_bin(key->pubkey.y, buf + (numlen - mp_unsigned_bin_size(key->pubkey.y)));
+   mp_to_unsigned_bin(key->pubkey.y, buf + (numlen - ylen));
    XMEMCPY(out+1+numlen, buf, numlen);
 
    *outlen = 1 + 2*numlen;