diff --git a/src/common/util.c b/src/common/util.c
index 391b02f34b8eeb1ec479f46b5489773a46cd1eb0..c44fe601e73ac46d10af3568cc6f18b8c359516d 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1416,7 +1416,10 @@ parse_http_time(const char *date, struct tm *tm)
 
   /* First, try RFC1123 or RFC850 format: skip the weekday.  */
   if ((cp = strchr(date, ','))) {
-    cp += 2;
+    ++cp;
+    if (*cp != ' ')
+      return -1;
+    ++cp;
     if (tor_sscanf(cp, "%2u %3s %4u %2u:%2u:%2u GMT",
                &tm_mday, month, &tm_year,
                &tm_hour, &tm_min, &tm_sec) == 6) {
diff --git a/src/test/test_util.c b/src/test/test_util.c
index 5845d779be869dcd85243085c3525f4935fc5cf0..e239326a2d843dc978dc251188c837c30b810049 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -101,6 +101,7 @@ test_util_parse_http_time(void *arg)
   test_eq(-1, parse_http_time("Sunday, 32-Aug-94 00:48:22 GMT", &a_time));
   test_eq(-1, parse_http_time("Sunday, 3-Ago-04 00:48:22", &a_time));
   test_eq(-1, parse_http_time("Sunday, August the third", &a_time));
+  test_eq(-1, parse_http_time("Wednesday,,04 Aug 1994 00:48:22 GMT", &a_time));
 
   test_eq(0, parse_http_time("Wednesday, 04 Aug 1994 00:48:22 GMT", &a_time));
   test_eq((time_t)775961302UL, tor_timegm(&a_time));