diff --git a/cpu/native/include/tap.h b/cpu/native/include/tap.h
index 9a20295caf..64f190a2fd 100644
--- a/cpu/native/include/tap.h
+++ b/cpu/native/include/tap.h
@@ -44,7 +44,7 @@ struct nativenet_header {
 struct nativenet_packet {
 struct nativenet_header nn_header;
- unsigned char data[ETHERMTU - sizeof(struct nativenet_header)];
+ uint8_t data[ETHERMTU - sizeof(struct nativenet_header)];
 } __attribute__((packed));
 union eth_frame {
diff --git a/cpu/native/net/interface.c b/cpu/native/net/interface.c
index a0fedc8845..2ba0c9f9e4 100644
--- a/cpu/native/net/interface.c
+++ b/cpu/native/net/interface.c
@@ -160,7 +160,7 @@ void do_cb(int event)
 }
 void _nativenet_handle_packet(radio_packet_t *packet)
-{
+{
 radio_address_t dst_addr = packet->dst;
 /* address filter / monitor mode */
diff --git a/cpu/native/net/tap.c b/cpu/native/net/tap.c
index 64f9fc4729..19cc5faf78 100644
--- a/cpu/native/net/tap.c
+++ b/cpu/native/net/tap.c
@@ -91,8 +91,13 @@ void _native_handle_tap_input(void)
 /* XXX: check overflow */
 p.length = ntohs(frame.field.payload.nn_header.length);
 p.data = frame.field.payload.data;
- DEBUG("_native_handle_tap_input: received packet of length %"PRIu16" for %"PRIu16" from %"PRIu16"\n", p.length, p.dst, p.src);
- _nativenet_handle_packet(&p);
+ if (p.length > (nread - sizeof(struct nativenet_header))) {
+ warnx("_native_handle_tap_input: packet with malicious length field received, discarding");
+ }
+ else {
+ DEBUG("_native_handle_tap_input: received packet of length %"PRIu16" for %"PRIu16" from %"PRIu16"\n", p.length, p.dst, p.src);
+ _nativenet_handle_packet(&p);
+ }
 }
 }
 else {
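Review bot: The new bound `nread - sizeof(struct nativenet_header)` in tap.c is computed in unsigned arithmetic, so if `nread` (declared outside this hunk) can ever be smaller than the header size, the subtraction wraps to a very large value and every `p.length` passes the check. Guard the short-frame case first, e.g. `if ((size_t)nread < sizeof(struct nativenet_header) || p.length > nread - sizeof(struct nativenet_header)) {`, assuming `nread` is already known to be positive at this point. It is also worth confirming that `nread` here counts only the nativenet payload and not the Ethernet header, otherwise the bound is too generous by the link-header size. The `/* XXX: check overflow */` comment above the assignment is now stale and could become `/* length is sender-controlled; validated against nread below */`. The body of `_native_handle_tap_input` starts and ends outside the hunk.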