diff --git a/src/misc/padding/padding_depad.c b/src/misc/padding/padding_depad.c
index e02077fd4..33353f964 100644
--- a/src/misc/padding/padding_depad.c
+++ b/src/misc/padding/padding_depad.c
@@ -36,7 +36,7 @@ int padding_depad(const unsigned char *data, unsigned long *length, unsigned lon
    if (type < LTC_PAD_ONE_AND_ZERO) {
       pad = data[padded_length - 1];
 
-      if (pad > padded_length) return CRYPT_INVALID_ARG;
+      if (pad > padded_length || pad == 0) return CRYPT_INVALID_ARG;
 
       unpadded_length = padded_length - pad;
    } else {
diff --git a/tests/padding_test.c b/tests/padding_test.c
index c2371c685..a860f14b2 100644
--- a/tests/padding_test.c
+++ b/tests/padding_test.c
@@ -194,6 +194,15 @@ int padding_test(void)
       }
    }
 
+   /* wycheproof failing test - https://github.com/libtom/libtomcrypt/pull/454 */
+   {
+      unsigned char data[] = { 0x47,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
+      unsigned long len = sizeof(data);
+      int err;
+
+      err = padding_depad(data, &len, (LTC_PAD_PKCS7 | 16));
+      if (err == CRYPT_OK) return CRYPT_FAIL_TESTVECTOR; /* should fail */
+   }
 
    return CRYPT_OK;
 }