diff --git a/src/hashes/blake2b.c b/src/hashes/blake2b.c
index 9b6ce55..fadd6b2 100644
--- a/src/hashes/blake2b.c
+++ b/src/hashes/blake2b.c
@@ -292,6 +292,13 @@ static int blake2b_compress(hash_state *md, const unsigned char *buf)
 
 int blake2b_process(hash_state *md, const unsigned char *in, unsigned long inlen)
 {
+   LTC_ARGCHK(md != NULL);
+   LTC_ARGCHK(in != NULL);
+
+   if (md->blake2b.curlen > sizeof(md->blake2b.buf)) {
+      return CRYPT_INVALID_ARG;
+   }
+
    if (inlen > 0) {
       unsigned long left = md->blake2b.curlen;
       unsigned long fill = BLAKE2B_BLOCKBYTES - left;
diff --git a/src/hashes/blake2s.c b/src/hashes/blake2s.c
index 49aa24c..5eec43c 100644
--- a/src/hashes/blake2s.c
+++ b/src/hashes/blake2s.c
@@ -179,11 +179,11 @@ int blake2s_init(hash_state *md, unsigned long outlen)
    struct blake2s_param P;
    LTC_ARGCHK(md != NULL);
 
-   XMEMSET(&P, 0, sizeof(P));
-
    if ((!outlen) || (outlen > BLAKE2S_OUTBYTES))
       return CRYPT_INVALID_ARG;
 
+   XMEMSET(&P, 0, sizeof(P));
+
    P.digest_length = (unsigned char)outlen;
 
    P.fanout = 1;