diff --git a/stralloc/stralloc_catm_internal.c b/stralloc/stralloc_catm_internal.c
index 1da5377..ef8cb0e 100644
--- a/stralloc/stralloc_catm_internal.c
+++ b/stralloc/stralloc_catm_internal.c
@@ -7,8 +7,13 @@ int stralloc_catm_internal(stralloc* sa, ...) {
 const char* s;
 size_t n=0;
 va_start(a,sa);
- while ((s=va_arg(a,const char*)))
- n += strlen(s);
+ while ((s=va_arg(a,const char*))) {
+ size_t tmp = strlen(s);
+ if (n + tmp < n) return 0; // integer overflow
+ // integer overflow should not be possible, but someone could pass
+ // the same string twice to provoke it. Better check than sorry.
+ n += tmp;
+ }
 va_end(a);
 stralloc_readyplus(sa,n);
diff --git a/stralloc/stralloc_ready.c b/stralloc/stralloc_ready.c
index 3ea3ba3..7bd53f3 100644
--- a/stralloc/stralloc_ready.c
+++ b/stralloc/stralloc_ready.c
@@ -9,7 +9,7 @@ * old space, and returns 1. Note that this changes sa.s. */
 int stralloc_ready(stralloc *sa,size_t len) {
 register size_t wanted=len+(len>>3)+30; /* heuristic from djb */
- if (wanteds || sa->as,wanted)))
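Review bot: The early `return 0` in the new overflow check in stralloc_catm_internal leaves the function after `va_start(a,sa)` without reaching `va_end(a)`, which the C standard treats as undefined behaviour. Release the argument list on that path too, `if (n + tmp < n) { va_end(a); return 0; }`. The explanatory comment would also read better placed above the check than after it. The rest of the function lies outside the hunk, so whether the result of `stralloc_readyplus(sa,n)` is checked further down cannot be confirmed from here.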