diff --git a/protocol/thrift/binary.go b/protocol/thrift/binary.go
index e711246..edfb36c 100644
--- a/protocol/thrift/binary.go
+++ b/protocol/thrift/binary.go
@@ -323,6 +323,9 @@ func (p BinaryProtocol) ReadBinary(buf []byte) (b []byte, l int, err error) {
 	if err != nil {
 		return nil, 0, errReadBin
 	}
+	if sz < 0 {
+		return nil, 0, errNegativeSize
+	}
 	l = 4 + int(sz)
 	if len(buf) < l {
 		return nil, 4, errReadBin
@@ -340,6 +343,9 @@ func (p BinaryProtocol) ReadString(buf []byte) (s string, l int, err error) {
 	if err != nil {
 		return "", 0, errReadStr
 	}
+	if sz < 0 {
+		return "", 0, errNegativeSize
+	}
 	l = 4 + int(sz)
 	if len(buf) < l {
 		return "", 4, errReadStr
diff --git a/protocol/thrift/bufferreader.go b/protocol/thrift/bufferreader.go
index 9f8e1d6..f4d0105 100644
--- a/protocol/thrift/bufferreader.go
+++ b/protocol/thrift/bufferreader.go
@@ -148,6 +148,9 @@ func (r *BufferReader) ReadBinary() (b []byte, err error) {
 	if err != nil {
 		return nil, err
 	}
+	if sz < 0 {
+		return nil, errNegativeSize
+	}
 	b = dirtmake.Bytes(int(sz), int(sz))
 	_, err = r.readBinary(b)
 	return