diff --git a/lib/client.c b/lib/client.c
index 35d3f7a9..344cf6f9 100644
--- a/lib/client.c
+++ b/lib/client.c
@@ -813,6 +813,7 @@ check_accept:
 		lwsl_err("Out of Mem allocating rx buffer %d\n", n);
 		goto bail2;
 	}
+       wsi->u.ws.rx_ubuf_alloc = n;
 	lwsl_info("Allocating client RX buffer %d\n", n);
 
 	if (setsockopt(wsi->sock, SOL_SOCKET, SO_SNDBUF, (const char *)&n,
diff --git a/lib/parsers.c b/lib/parsers.c
index 71706206..93a12107 100644
--- a/lib/parsers.c
+++ b/lib/parsers.c
@@ -1016,6 +1016,10 @@ handle_first:
 
 		assert(wsi->u.ws.rx_ubuf);
 
+               if (wsi->u.ws.rx_ubuf_head + LWS_PRE + 4 >= wsi->u.ws.rx_ubuf_alloc) {
+                       lwsl_err("Attempted overflow\n");
+                       return -1;
+               }
 		if (wsi->u.ws.all_zero_nonce)
 			wsi->u.ws.rx_ubuf[LWS_PRE +
 			       (wsi->u.ws.rx_ubuf_head++)] = c;
diff --git a/lib/private-libwebsockets.h b/lib/private-libwebsockets.h
index e618a135..d7f069cd 100644
--- a/lib/private-libwebsockets.h
+++ b/lib/private-libwebsockets.h
@@ -840,6 +840,7 @@ struct _lws_header_related {
 
 struct _lws_websocket_related {
 	char *rx_ubuf;
+       unsigned int rx_ubuf_alloc;
 	struct lws *rx_draining_ext_list;
 	struct lws *tx_draining_ext_list;
 	size_t rx_packet_length;
diff --git a/lib/server.c b/lib/server.c
index 07156454..d535b81a 100644
--- a/lib/server.c
+++ b/lib/server.c
@@ -545,6 +545,7 @@ upgrade_ws:
 			lwsl_err("Out of Mem allocating rx buffer %d\n", n);
 			return 1;
 		}
+		wsi->u.ws.rx_ubuf_alloc = n;
 		lwsl_info("Allocating RX buffer %d\n", n);
 #if LWS_POSIX
 		if (setsockopt(wsi->sock, SOL_SOCKET, SO_SNDBUF,