diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6ea70943f..12e969795 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2402,7 +2402,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
             if( ret < 0 )
                 return( ret );
 
-            if ( (size_t)ret > len )
+            if ( (size_t)ret > len || ( INT_MAX > SIZE_MAX && ret > SIZE_MAX ) )
             {
                 MBEDTLS_SSL_DEBUG_MSG( 1, 
                     ( "f_recv returned %d bytes but only %zu were requested", 
@@ -2457,7 +2457,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
         if( ret <= 0 )
             return( ret );
 
-        if( (size_t)ret > ssl->out_left )
+        if( (size_t)ret > ssl->out_left || ( INT_MAX > SIZE_MAX && ret > SIZE_MAX ) )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, 
                 ( "f_send returned %d bytes but only %zu bytes were sent",