diff --git a/library/oid.c b/library/oid.c
index d8ba773a51..fb4caaddf4 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -799,6 +799,11 @@ int mbedtls_oid_get_numeric_string(char *buf, size_t size,
     /* First subidentifier contains first two OID components */
     i = 0;
     value = 0;
+    if ((oid->p[0]) == 0x80) {
+        /* Overlong encoding is not allowed */
+        return MBEDTLS_ERR_OID_BUF_TOO_SMALL;
+    }
+
     while (i < oid->len && ((oid->p[i] & 0x80) != 0)) {
         /* Prevent overflow in value. */
         if (((value << 7) >> 7) != value) {
@@ -833,6 +838,10 @@ int mbedtls_oid_get_numeric_string(char *buf, size_t size,
         if (((value << 7) >> 7) != value) {
             return MBEDTLS_ERR_OID_BUF_TOO_SMALL;
         }
+        if ((value == 0) && ((oid->p[i]) == 0x80)) {
+            /* Overlong encoding is not allowed */
+            return MBEDTLS_ERR_OID_BUF_TOO_SMALL;
+        }
 
         value <<= 7;
         value += oid->p[i] & 0x7F;