diff --git a/src/sys/devctl.c b/src/sys/devctl.c
index 394a1550..fed19f55 100644
--- a/src/sys/devctl.c
+++ b/src/sys/devctl.c
@@ -72,6 +72,13 @@ BOOLEAN FspFastIoDeviceControl(
 if (!Result)
 FSP_RETURN();
 
+ if (0 != InputBufferLength &&
+ FSP_FSCTL_DEFAULT_ALIGN_UP(sizeof(FSP_FSCTL_TRANSACT_RSP)) > InputBufferLength)
+ FSP_RETURN(IoStatus->Status = STATUS_INVALID_PARAMETER);
+ if (0 != OutputBufferLength &&
+ FSP_FSCTL_TRANSACT_BUFFER_SIZEMIN > OutputBufferLength)
+ FSP_RETURN(IoStatus->Status = STATUS_BUFFER_TOO_SMALL);
+
 PVOID SystemBuffer = 0;
 if (0 != InputBufferLength || 0 != OutputBufferLength)
 {
diff --git a/tst/winfsp-tests/mount-test.c b/tst/winfsp-tests/mount-test.c
index 8e457fa3..54b70033 100644
--- a/tst/winfsp-tests/mount-test.c
+++ b/tst/winfsp-tests/mount-test.c
@@ -234,6 +234,20 @@ void mount_volume_transact_dotest(PWSTR DeviceName, PWSTR Prefix)
 FSP_FSCTL_TRANSACT_REQ *Request = (PVOID)RequestBuf, *NextRequest;
 FSP_FSCTL_TRANSACT_RSP *Response = (PVOID)ResponseBuf;
 
+ RequestBufSize = 0;
+ Result = FspFsctlTransact(VolumeHandle, ResponseBuf, 1, 0, &RequestBufSize, FALSE);
+ ASSERT(STATUS_INVALID_PARAMETER == Result);
+ RequestBufSize = 0;
+ Result = FspFsctlTransact(VolumeHandle, ResponseBuf, 1, 0, &RequestBufSize, TRUE);
+ ASSERT(STATUS_INVALID_PARAMETER == Result);
+
+ RequestBufSize = FSP_FSCTL_TRANSACT_BUFFER_SIZEMIN - 1;
+ Result = FspFsctlTransact(VolumeHandle, 0, 0, RequestBuf, &RequestBufSize, FALSE);
+ ASSERT(STATUS_BUFFER_TOO_SMALL == Result);
+ RequestBufSize = FSP_FSCTL_TRANSACT_BATCH_BUFFER_SIZEMIN - 1;
+ Result = FspFsctlTransact(VolumeHandle, 0, 0, RequestBuf, &RequestBufSize, TRUE);
+ ASSERT(STATUS_BUFFER_TOO_SMALL == Result);
+
 ResponseBufSize = 0;
 RequestBufSize = sizeof RequestBuf;
 Result = FspFsctlTransact(VolumeHandle, 0, 0, RequestBuf, &RequestBufSize, TRUE);
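Review bot: The two length guards added before `PVOID SystemBuffer = 0;` have no comment explaining why the input floor is `FSP_FSCTL_DEFAULT_ALIGN_UP(sizeof(FSP_FSCTL_TRANSACT_RSP))` and the output floor is `FSP_FSCTL_TRANSACT_BUFFER_SIZEMIN`, although both lengths come from the caller of the device control. The output floor is the same for every request that reaches this point, while the test added in mount-test.c expects `STATUS_BUFFER_TOO_SMALL` for `FSP_FSCTL_TRANSACT_BATCH_BUFFER_SIZEMIN - 1` in batch mode. The hunk does not show which control codes take this fast path, so it cannot be told from these lines whether that case is rejected here or by code elsewhere. I would add a comment such as `/* caller-supplied lengths: reject undersized buffers before SystemBuffer is used; zero means "no buffer" and is allowed */` and name the control code the floor applies to. The body of FspFastIoDeviceControl starts and ends outside the hunk.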
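Review bot: The input-length cases pass a 1-byte response (`ResponseBuf, 1`), which is far from the boundary the driver compares against in devctl.c, so an off-by-one in that comparison would still pass these tests. A case just under the structure size would pin it, for example `Result = FspFsctlTransact(VolumeHandle, ResponseBuf, sizeof(FSP_FSCTL_TRANSACT_RSP) - 1, 0, &RequestBufSize, FALSE);` followed by `ASSERT(STATUS_INVALID_PARAMETER == Result);`. The output-length cases already test one byte below the minimum. mount_volume_transact_dotest starts and ends outside the hunk, so this assumes `ResponseBuf` is declared large enough for that call.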