diff --git a/ChangeLog b/ChangeLog
index a0a8a18f9..23820be31 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -59,6 +59,8 @@ Bugfix
      exchange that caused some handshakes to fail with other implementations.
      (Failure rate <= 1/255 with common DHM moduli.)
    * Disable broken Sparc64 bn_mul assembly (found by Florian Obser).
+   * Fix base64_decode() to return and check length correctly (in case of
+     tight buffers)
 
 = PolarSSL 1.3.7 released on 2014-05-02
 Features
diff --git a/library/base64.c b/library/base64.c
index 5b1418bdd..39a8323e8 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -172,6 +172,7 @@ int base64_decode( unsigned char *dst, size_t *dlen,
         return( 0 );
 
     n = ( ( n * 6 ) + 7 ) >> 3;
+    n -= j;
 
     if( dst == NULL || *dlen < n )
     {
diff --git a/tests/suites/test_suite_base64.data b/tests/suites/test_suite_base64.data
index c400ccbd7..4508d892b 100644
--- a/tests/suites/test_suite_base64.data
+++ b/tests/suites/test_suite_base64.data
@@ -55,6 +55,33 @@ base64_decode:"zm===":"":POLARSSL_ERR_BASE64_INVALID_CHARACTER
 Base64 decode (Invalid char after equal signs)
 base64_decode:"zm=masd":"":POLARSSL_ERR_BASE64_INVALID_CHARACTER
 
+Base64 encode hex #1
+base64_encode_hex:"010203040506070809":"AQIDBAUGBwgJ":13:0
+
+Base64 encode hex #2 (buffer too small)
+base64_encode_hex:"010203040506070809":"AQIDBAUGBwgJ":12:POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL
+
+Base64 encode hex #3
+base64_encode_hex:"0102030405060708":"AQIDBAUGBwg=":13:0
+
+Base64 encode hex #4
+base64_encode_hex:"01020304050607":"AQIDBAUGBw==":13:0
+
+Base64 decode hex #1
+base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":9:0
+
+Base64 decode hex #2 (buffer too small)
+base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":8:POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL
+
+Base64 decode hex #3
+base64_decode_hex:"AQIDBAUGBwg=":"0102030405060708":8:0
+
+Base64 decode hex #4
+base64_decode_hex:"AQIDBAUGBw==":"01020304050607":7:0
+
+Base64 decode hex #5 (buffer too small)
+base64_decode_hex:"AQIDBAUGBw==":"01020304050607":6:POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL
+
 Base64 Selftest
 depends_on:POLARSSL_SELF_TEST
 base64_selftest:
diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function
index 3ba59dc95..a9a580c59 100644
--- a/tests/suites/test_suite_base64.function
+++ b/tests/suites/test_suite_base64.function
@@ -48,6 +48,45 @@ void base64_decode( char *src_string, char *dst_string, int result )
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void base64_encode_hex( char *src_hex, char *dst, int dst_buf_size,
+                        int result )
+{
+    unsigned char *src, *res;
+    size_t len = dst_buf_size, src_len;
+
+    src = unhexify_alloc( src_hex, &src_len );
+    res = zero_alloc( dst_buf_size );
+
+    TEST_ASSERT( base64_encode( res, &len, src, src_len ) == result );
+    if( result == 0 )
+    {
+        TEST_ASSERT( len == strlen( dst ) );
+        TEST_ASSERT( memcmp( dst, res, len ) == 0 );
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void base64_decode_hex( char *src, char *dst_hex, int dst_buf_size,
+                        int result )
+{
+    unsigned char *dst, *res;
+    size_t len = dst_buf_size, dst_len;
+
+    dst = unhexify_alloc( dst_hex, &dst_len );
+    res = zero_alloc( dst_buf_size );
+
+    TEST_ASSERT( base64_decode( res, &len, (unsigned char *) src,
+                                strlen( src ) ) == result );
+    if( result == 0 )
+    {
+        TEST_ASSERT( len == dst_len );
+        TEST_ASSERT( memcmp( dst, res, len ) == 0 );
+    }
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
 void base64_selftest()
 {