diff --git a/aqhome/msg/endpoint_tty.c b/aqhome/msg/endpoint_tty.c
index f08baa4..7cbd813 100644
--- a/aqhome/msg/endpoint_tty.c
+++ b/aqhome/msg/endpoint_tty.c
@@ -95,7 +95,7 @@ GWEN_MSG_ENDPOINT *AQH_TtyEndpoint_new(const char *devicePath, int groupId)
-void _freeData(void *bp, void *p)
+void _freeData(GWEN_UNUSED void *bp, void *p)
 {
 AQH_MSG_ENDPOINT_TTY *xep;
@@ -296,6 +296,7 @@ int _getBytesNeededForMessage(GWEN_UNUSED GWEN_MSG_ENDPOINT *ep, GWEN_MSG *msg)
 else {
 const uint8_t *ptr;
 uint32_t msgSize;
+ int bytesNeeded;
 ptr=GWEN_Msg_GetConstBuffer(msg);
 msgSize=ptr[AQH_MSG_OFFS_ALL_PAYLOAD_LEN]+AQH_MSG_OFFS_ALL_PAYLOAD_BEGIN+1;
@@ -303,6 +304,15 @@ int _getBytesNeededForMessage(GWEN_UNUSED GWEN_MSG_ENDPOINT *ep, GWEN_MSG *msg)
 DBG_INFO(AQH_LOGDOMAIN, "Message too long for msg (%d > %d)", msgSize, GWEN_Msg_GetMaxSize(msg));
 return GWEN_ERROR_GENERIC;
 }
+
+ bytesNeeded=(int) (msgSize-bytesInMsg);
+ if (bytesNeeded<0 || (bytesNeeded==0 && bytesInMsg==0)) {
+ DBG_ERROR(AQH_LOGDOMAIN, "Bad number of bytes needed, bad message format (bytesNeeded=%d)", bytesNeeded);
+ GWEN_MsgEndpoint_DiscardInput(ep);
+ return GWEN_ERROR_BAD_DATA;
+ }
+
+ return (int) (msgSize-bytesInMsg);
 }
 }
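Review bot: In the third hunk (`@@ -303,6 +304,15 @@`) the new guard rejects a too-short length only after computing `msgSize-bytesInMsg`, and because `msgSize` is `uint32_t` that subtraction is presumably unsigned, so `bytesNeeded<0` relies on how the wrapped value converts to `int`. The length byte is read from the received buffer, so it is safer to test the operands before subtracting, e.g. `if (bytesInMsg>msgSize)` in place of `bytesNeeded<0`; the declaration of `bytesInMsg` is outside the hunk, so its type should be confirmed first. The final line recomputes the difference and could simply be `return bytesNeeded;`. The signature shown in the hunk header still marks `ep` as `GWEN_UNUSED`, although the new code passes it to `GWEN_MsgEndpoint_DiscardInput(ep)`, so that annotation looks stale and should be dropped.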