diff --git a/res/cases/v1/err-leb-i64-too-long.wasm b/res/cases/v1/err-leb-i64-too-long.wasm
new file mode 100644
index 0000000..efe9894
Binary files /dev/null and b/res/cases/v1/err-leb-i64-too-long.wasm differ
diff --git a/src/elements/primitives.rs b/src/elements/primitives.rs
index 9522f51..375f7cd 100644
--- a/src/elements/primitives.rs
+++ b/src/elements/primitives.rs
@@ -40,6 +40,8 @@ impl Deserialize for VarUint32 {
 let mut shift = 0;
 let mut u8buf = [0u8; 1];
 loop {
+ if shift > 31 { return Err(Error::InvalidVarUint32); }
+
 reader.read_exact(&mut u8buf)?;
 let b = u8buf[0] as u32;
 res |= (b & 0x7f).checked_shl(shift).ok_or(Error::InvalidVarUint32)?;
@@ -91,6 +93,8 @@ impl Deserialize for VarUint64 {
 let mut shift = 0;
 let mut u8buf = [0u8; 1];
 loop {
+ if shift > 63 { return Err(Error::InvalidVarUint64); }
+
 reader.read_exact(&mut u8buf)?;
 let b = u8buf[0] as u64;
 res |= (b & 0x7f).checked_shl(shift).ok_or(Error::InvalidVarUint64)?;
@@ -349,6 +353,12 @@ impl Deserialize for VarInt64 {
 if (b >> 7) == 0 {
 if shift < 64 && b & 0b0100_0000 == 0b0100_0000 {
 res |= (1i64 << shift).wrapping_neg();
+ } else if shift >= 64 && b & 0b0100_0000 == 0b0100_0000 {
+ if (b | 0b1000_0000) as i8 != -1 {
+ return Err(Error::InvalidVarInt64);
+ }
+ } else if shift >= 64 && b != 0 {
+ return Err(Error::InvalidVarInt64);
 }
 break;
 }
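Review bot: The new `shift > 31` guard in the VarUint32 hunk rejects over-long encodings, but a fifth byte whose payload does not fit in 32 bits is still accepted. `checked_shl` fails only for a shift amount of 32 or more, so at shift 28 the upper three payload bits are silently dropped from `res` and an out-of-range value decodes as a truncated one. Unless the part of the loop outside the hunk already checks this, add after `let b = ...` something like `if shift == 28 && (b & 0x70) != 0 { return Err(Error::InvalidVarUint32); }`. The VarUint64 hunk has the same gap at shift 63, where only one payload bit fits (mask `0x7e`). Both loop bodies continue outside their hunks.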
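Review bot: The condition `(b | 0b1000_0000) as i8 != -1` in the VarInt64 hunk is hard to read and carries no comment; it tests that all seven payload bits are set when the sign bit is set. A comment above the chain such as `// past bit 63 the last byte must be pure sign extension: 0x7f if negative, 0 otherwise` would make the intent clear, and the negative case reads more directly as `b & 0x7f != 0x7f`. The two new branches also repeat `shift >= 64`, which could be tested once. The enclosing loop starts and ends outside the hunk, so whether `shift` is bounded for a long run of continuation bytes before this point cannot be confirmed from here.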