diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c
index 5f6887bd5c..ef07243dd3 100644
--- a/lib/curlx/base64.c
+++ b/lib/curlx/base64.c
@@ -184,10 +184,10 @@ static CURLcode base64_encode(const char *table64,
   if(!insize)
     return CURLE_OK;
 
-#if SIZEOF_SIZE_T == 4
-  if(insize > UINT_MAX/4)
-    return CURLE_OUT_OF_MEMORY;
-#endif
+  /* safety precaution */
+  DEBUGASSERT(insize <= CURL_MAX_BASE64_INPUT);
+  if(insize > CURL_MAX_BASE64_INPUT)
+    return CURLE_TOO_LARGE;
 
   base64data = output = malloc((insize + 2) / 3 * 4 + 1);
   if(!output)
diff --git a/lib/curlx/base64.h b/lib/curlx/base64.h
index 026f80e4d3..31cfcb36e7 100644
--- a/lib/curlx/base64.h
+++ b/lib/curlx/base64.h
@@ -33,4 +33,8 @@ CURLcode curlx_base64_decode(const char *src,
 
 extern const char Curl_base64encdec[];
 
+/* maximum input length acceptable to base64 encode, here to catch and prevent
+   mistakes */
+#define CURL_MAX_BASE64_INPUT 16000000
+
 #endif /* HEADER_CURL_BASE64_H */