diff --git a/src/mesh/adv_bearer.c b/src/mesh/adv_bearer.c
index 67abd5695..38901f72b 100644
--- a/src/mesh/adv_bearer.c
+++ b/src/mesh/adv_bearer.c
@@ -281,6 +281,7 @@ static void adv_bearer_run(void){
 //
 static void adv_bearer_prepare_message(const uint8_t * data, uint16_t data_len, uint8_t type, uint8_t count, uint16_t interval){
+ btstack_assert(data_len <= (sizeof(adv_bearer_buffer)-2));
 log_debug("adv bearer message, type 0x%x\n", type);
 // prepare message
 adv_bearer_buffer[0] = data_len+1;
@@ -336,14 +337,17 @@ void adv_bearer_request_can_send_now_for_provisioning_pdu(void){
 // adv bearer send message
 void adv_bearer_send_network_pdu(const uint8_t * data, uint16_t data_len, uint8_t count, uint16_t interval){
+ btstack_assert(data_len <= (sizeof(adv_bearer_buffer)-2));
 adv_bearer_prepare_message(data, data_len, BLUETOOTH_DATA_TYPE_MESH_MESSAGE, count, interval);
 adv_bearer_run();
 }
 void adv_bearer_send_beacon(const uint8_t * data, uint16_t data_len){
+ btstack_assert(data_len <= (sizeof(adv_bearer_buffer)-2));
 adv_bearer_prepare_message(data, data_len, BLUETOOTH_DATA_TYPE_MESH_BEACON, 3, 100);
 adv_bearer_run();
 }
 void adv_bearer_send_provisioning_pdu(const uint8_t * data, uint16_t data_len){
+ btstack_assert(data_len <= (sizeof(adv_bearer_buffer)-2));
 adv_bearer_prepare_message(data, data_len, BLUETOOTH_DATA_TYPE_PB_ADV, 3, 100);
 adv_bearer_run();
 }
diff --git a/src/mesh/mesh_network.c b/src/mesh/mesh_network.c
index 08ff94445..d5300170b 100644
--- a/src/mesh/mesh_network.c
+++ b/src/mesh/mesh_network.c
@@ -324,6 +324,8 @@ static void mesh_network_send_b(void *arg){
 memcpy(&outgoing_pdu->data[outgoing_pdu->len], net_mic, net_mic_len);
 outgoing_pdu->len += net_mic_len;
+ btstack_assert(outgoing_pdu->len <= 29);
+
 #ifdef LOG_NETWORK
 printf("TX-B-NetworkPDU (%p): ", outgoing_pdu);
 printf_hexdump(outgoing_pdu->data, outgoing_pdu->len);
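Review bot: In adv_bearer_prepare_message the new `btstack_assert` is the only bound on `data_len` before `adv_bearer_buffer` is filled, and an assert macro is typically compiled out of production builds, which would leave the write unchecked in exactly the builds that ship. Add a check that survives in every configuration, for example `if (data_len > (sizeof(adv_bearer_buffer)-2)) return;`, and keep the assert for debug builds if wanted. The same concern applies to the asserts added in mesh_network_send_b and mesh_network_send_pdu; in the latter they replace checks that previously ran in all builds. How `btstack_assert` is defined is not visible on this page, so confirm its behaviour with asserts disabled; the function body continues outside the hunk.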
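Review bot: In the three public senders (adv_bearer_send_network_pdu, adv_bearer_send_beacon, adv_bearer_send_provisioning_pdu) the added assert repeats the check that adv_bearer_prepare_message performs on the very next call, and `sizeof(adv_bearer_buffer)-2` now appears four times with an unexplained `2`. Name the limit once, for example `#define ADV_BEARER_MAX_PAYLOAD (sizeof(adv_bearer_buffer)-2)` (the name is only a suggestion), with a comment saying what the two reserved bytes are; from `adv_bearer_buffer[0] = data_len+1` they look like the length and AD-type bytes, but that is inferred. Because these functions return void, a caller cannot learn that an oversized PDU was refused, so the maximum payload should also be stated in each function's comment.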
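Review bot: In mesh_network_send_b the assert on `outgoing_pdu->len <= 29` runs after the `memcpy` of the NetMIC, so an over-long PDU has already been written beyond the 29-byte limit by the time it is detected. Check before the copy instead, with `btstack_assert((outgoing_pdu->len + net_mic_len) <= 29);` placed ahead of the `memcpy`. Whether `data` has spare capacity beyond 29 bytes is not visible in this hunk, so this may be an actual out-of-bounds write rather than only a late diagnostic. The literal 29 is also used in mesh_network_send_pdu, and a shared named constant would keep the two checks in step.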
@@ -986,16 +988,9 @@ void mesh_network_send_pdu(mesh_network_pdu_t * network_pdu){
 printf("^^ into network_pdus_queued\n");
 #endif
- if (network_pdu->len > 29){
- printf("too long, %u\n", network_pdu->len);
- while(1);
- }
-
- // network pdu without payload = 9 bytes
- if (network_pdu->len < 9){
- printf("too short, %u\n", network_pdu->len);
- while(1);
- }
+ uint8_t net_mic_len = network_pdu->data[1] & 0x80 ? 8 : 4;
+ btstack_assert((network_pdu->len + net_mic_len) <= 29);
+ btstack_assert(network_pdu->len >= 9);
 // setup callback
 network_pdu->callback = &mesh_network_send_d;
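Review bot: In mesh_network_send_pdu the new code reads `network_pdu->data[1]` to pick the MIC length before it has asserted `network_pdu->len >= 9`, so for a too-short PDU the upper bound is computed from a byte that may not have been set. Put the minimum-length check first and parenthesise the mask so the precedence is explicit: `btstack_assert(network_pdu->len >= 9);` followed by `uint8_t net_mic_len = (network_pdu->data[1] & 0x80) ? 8 : 4;`. The removed comment `// network pdu without payload = 9 bytes` explained the 9 and is worth keeping beside the assert. The function continues outside the hunk.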