diff --git a/src/mat73.c b/src/mat73.c
index 01bebc67..c2339fc8 100644
--- a/src/mat73.c
+++ b/src/mat73.c
@@ -2823,6 +2823,15 @@ Mat_VarRead73(mat_t *mat, matvar_t *matvar)
 dims = Mat_H5ReadDims(sparse_dset_id, &nelems, &rank);
 if ( NULL != dims ) {
 size_t nbytes = 0;
+ /* Verify dataset dimensions */
+ if (dims[0] != sparse_data->nir) {
+ H5Dclose(sparse_dset_id);
+ H5Gclose(dset_id);
+ free(dims);
+ free(sparse_data);
+ Mat_Critical("Dataset dimensions do not match");
+ return MATIO_E_FILE_FORMAT_VIOLATION;
+ }
 sparse_data->nir = (mat_uint32_t)dims[0];
 free(dims);
 err = Mul(&nbytes, sparse_data->nir, sizeof(mat_uint32_t));
@@ -2837,6 +2846,10 @@ Mat_VarRead73(mat_t *mat, matvar_t *matvar)
 if ( sparse_data->ir != NULL ) {
 herr_t herr = H5Dread(sparse_dset_id, H5T_NATIVE_UINT, H5S_ALL, H5S_ALL, H5P_DEFAULT, sparse_data->ir);
+ /* Bounds check to ensure no overflow */
+ if (herr >= 0 && nbytes < sparse_data->nir * sizeof(mat_uint32_t)) {
+ err = MATIO_E_FILE_FORMAT_VIOLATION;
+ }
 if ( herr < 0 ) {
 err = MATIO_E_GENERIC_READ_ERROR;
 }
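Review bot: The new guard `dims[0] != sparse_data->nir` in the first hunk runs before `sparse_data->nir` is assigned from `dims[0]` on the following context line, so it compares the file's dimension with whatever the struct held beforehand, not with an independently derived expected value. If `sparse_data` is zero-initialised where it is allocated (outside this hunk), every non-empty `ir` dataset would be rejected, and the check still says nothing about whether the buffer later sized from `dims[0]` covers the whole dataset. What the following lines actually rely on is that the `(mat_uint32_t)` cast does not truncate and that the dataset is one-dimensional with `dims[0]` elements. A guard such as `if ( rank != 1 || dims[0] > UINT32_MAX || nelems != dims[0] )` would express that, assuming `nelems` is the total element count filled in by `Mat_H5ReadDims`. `Mat_VarRead73` starts and ends outside the hunk, so whether the early return leaves other state pointing at the freed `sparse_data` needs to be checked against the full function.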
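Review bot: The comparison `nbytes < sparse_data->nir * sizeof(mat_uint32_t)` added in the second hunk cannot be true when `nbytes` was produced by the `Mul(&nbytes, sparse_data->nir, sizeof(mat_uint32_t))` call visible in the first hunk, and it is evaluated only after `H5Dread` has already written into `sparse_data->ir`, so it does not bound the read. With `H5S_ALL` passed for both dataspaces the read transfers the entire dataset, so the dataset's element count has to be validated against the allocation before the buffer is allocated and read into; that allocation is outside this hunk. The right-hand multiplication is also unchecked, unlike the `Mul` helper used earlier. I would drop these four lines, move the validation next to the dimension read, and at minimum reword `/* Bounds check to ensure no overflow */`, which promises more than the code delivers.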