diff --git a/src/pocketmine/Player.php b/src/pocketmine/Player.php
index 00e2a37d5..df81706e7 100644
--- a/src/pocketmine/Player.php
+++ b/src/pocketmine/Player.php
@@ -1340,6 +1340,11 @@ class Player extends Human implements CommandSender, InventoryHolder, IPlayer{
 				$this->nameTag = $this->username;
 				$this->iusername = strtolower($this->username);
 				$this->randomClientId = $packet->clientId;
+				if(strlen($packet->skin) < 64 * 32 * 4){
+					$this->close("", "Invalid skin", false);
+					return;
+				}
+				
 				$this->setSkin($packet->skin, $packet->slim);
 				$this->loginData = ["clientId" => $packet->clientId, "loginData" => null];
 
diff --git a/src/pocketmine/entity/Human.php b/src/pocketmine/entity/Human.php
index 37966da1d..41d9ee611 100644
--- a/src/pocketmine/entity/Human.php
+++ b/src/pocketmine/entity/Human.php
@@ -33,7 +33,6 @@ use pocketmine\Network;
 use pocketmine\network\protocol\AddPlayerPacket;
 use pocketmine\network\protocol\RemovePlayerPacket;
 use pocketmine\Player;
-use pocketmine\utils\TextFormat;
 
 class Human extends Creature implements ProjectileSource, InventoryHolder{
 
@@ -186,6 +185,10 @@ class Human extends Creature implements ProjectileSource, InventoryHolder{
 		if($player !== $this and !isset($this->hasSpawned[$player->getId()])){
 			$this->hasSpawned[$player->getId()] = $player;
 
+			if(strlen($this->skin) < 64 * 32 * 4){
+				throw new \InvalidStateException((new \ReflectionClass($this))->getShortName() . " must have a valid skin set");
+			}
+
 			$pk = new AddPlayerPacket();
 			$pk->clientID = 0;
 			$pk->username = $this->nameTag;