diff --git a/src/packet_analysis/protocol/gre/GRE.cc b/src/packet_analysis/protocol/gre/GRE.cc
index 07de0a54b4..02bdf2e33f 100644
--- a/src/packet_analysis/protocol/gre/GRE.cc
+++ b/src/packet_analysis/protocol/gre/GRE.cc
@@ -10,7 +10,7 @@
 using namespace zeek::packet_analysis::GRE;
-static unsigned int gre_header_len(uint16_t flags)
+static unsigned int gre_header_len(uint16_t flags=0)
 {
 unsigned int len = 4; // Always has 2 byte flags and 2 byte protocol type.
@@ -44,7 +44,7 @@ bool GREAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 {
 if ( ! packet->ip_hdr )
 {
- reporter->InternalError("GREAnalyzer: ip_hdr not found in packet keystore");
+ reporter->InternalError("GREAnalyzer: ip_hdr not provided from earlier analyzer");
 return false;
 }
@@ -54,6 +54,12 @@ bool GREAnalyzer::AnalyzePacket(size_t len, const uint8_t* data, Packet* packet)
 return false;
 }
+ if ( len < gre_header_len() )
+ {
+ sessions->Weird("truncated_GRE", packet);
+ return false;
+ }
+
 int proto = packet->proto;
 int gre_link_type = DLT_RAW;
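Review bot: The default argument added to `gre_header_len(uint16_t flags=0)` gives a bare `gre_header_len()` call the meaning "minimum header size", and nothing at the declaration or the call site says so. A reader of a bounds check could take it for the length of the header actually on the wire. I would document this on the function, for example `// Called with flags == 0 this returns the fixed 4-byte minimum; pass the parsed flags to get the full header length.`, or name the value with a constant such as `static constexpr unsigned int GRE_MIN_HEADER_LEN = 4;`. The function body continues outside the hunk, so the extra lengths added per flag bit are presumed rather than visible here.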
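Review bot: The new guard `if ( len < gre_header_len() )` in the third hunk only proves that the 4 fixed bytes (flags and protocol type) are present, not the optional fields that the flags may announce. Once the flags word has been read, `len` should be compared again with the flag-dependent length before any access past offset 4, e.g. `if ( len < gre_header_len(flags) )` with the same `truncated_GRE` weird, where `flags` stands for whatever the parsed flags variable is called. The rest of `AnalyzePacket` lies outside the hunk, so please confirm that such a second check exists on every path that reads the optional fields or strips the header. Without it a truncated packet with flag bits set could still be read past the end of the buffer.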