diff --git a/ChangeLog b/ChangeLog
index 9c980ae2d..134253dcd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,8 @@ Bugfix
    * Improve code clarity in x509_crt module, removing false-positive
      uninitialized variable warnings on some recent toolchains (GCC8, etc).
      Discovered and fixed by Andy Gross (Linaro), #2392.
+   * Zero length buffer check for undefined behavior in
+     mbedtls_platform_zeroize(). Fixes ARMmbed/mbed-crypto#49.
 
 Changes
    * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
diff --git a/library/platform_util.c b/library/platform_util.c
index 756e22679..b1f745097 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -72,7 +72,10 @@ static void * (* const volatile memset_func)( void *, int, size_t ) = memset;
 
 void mbedtls_platform_zeroize( void *buf, size_t len )
 {
-    memset_func( buf, 0, len );
+    MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL );
+
+    if( len > 0 )
+        memset_func( buf, 0, len );
 }
 #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */