diff --git a/btcec/signature.go b/btcec/signature.go
index 6026c424..fedd92e9 100644
--- a/btcec/signature.go
+++ b/btcec/signature.go
@@ -112,7 +112,10 @@ func parseSig(sigStr []byte, curve elliptic.Curve, der bool) (*Signature, error)
 	// length of remaining message
 	siglen := sigStr[index]
 	index++
-	if int(siglen+2) > len(sigStr) {
+
+	// siglen should be less than the entire message and greater than
+	// the minimal message of size 8.
+	if int(siglen+2) > len(sigStr) || int(siglen+2) < 8 {
 		return nil, errors.New("malformed signature: bad length")
 	}
 	// trim the slice we're working on so we only look at what matters.
diff --git a/btcec/signature_test.go b/btcec/signature_test.go
index a4b86bb8..19ab772e 100644
--- a/btcec/signature_test.go
+++ b/btcec/signature_test.go
@@ -113,6 +113,12 @@ var signatureTests = []signatureTest{
 		der:     true,
 		isValid: false,
 	},
+	{
+		name:    "invalid message length",
+		sig:     []byte{0x30, 0x00, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00},
+		der:     false,
+		isValid: false,
+	},
 	{
 		name: "long len",
 		sig: []byte{0x30, 0x45, 0x02, 0x20, 0x4e, 0x45, 0xe1, 0x69,