diff --git a/server/apreq_parser_multipart.c b/server/apreq_parser_multipart.c
index e4c4d71b91..a6c0151367 100644
--- a/server/apreq_parser_multipart.c
+++ b/server/apreq_parser_multipart.c
@@ -240,6 +240,8 @@ struct mfd_ctx * create_multipart_context(const char *content_type,
 (const char **)&ctx->bdry, &blen);
 if (s != APR_SUCCESS)
 return NULL; /* missing boundary */
+ if (!ctx->bdry || !*ctx->bdry)
+ return NULL; /* boundary with no or empty value */
 ctx->bdry[blen] = 0;
diff --git a/server/apreq_util.c b/server/apreq_util.c
index eba8b8b3f6..11b66f9a14 100644
--- a/server/apreq_util.c
+++ b/server/apreq_util.c
@@ -868,7 +868,7 @@ APREQ_DECLARE(apr_status_t)
 case '=':
 case ';':
 case ',':
- v = hde + 1;
+ v = hde;
 hde -= tail;
 break;
 case ' ':
@@ -891,12 +891,13 @@ APREQ_DECLARE(apr_status_t)
 }
 /* Parse the value => (*val, *vlen) */
- if (v[-1] == '=') {
+ if (*v == '=') {
 if (hde == hdr) {
 /* The name can't be empty */
 return APREQ_ERROR_BADATTR;
 }
+ ++v;
 while (IS_SPACE_CHAR(*v))
 ++v;
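Review bot: The added guard in create_multipart_context tests the first byte of the value (`!*ctx->bdry`) rather than the length that apreq_header_attribute() reported in `blen`, so it rejects an empty boundary only when the byte at that position is NUL. If the attribute parser can return success with `blen == 0` and a pointer resting on a following character such as a closing quote or a `;` (its return contract is not visible in this hunk, so this needs confirming), the next line `ctx->bdry[blen] = 0` still leaves an empty boundary in place. Testing the length directly, `if (!ctx->bdry || blen == 0) return NULL;`, matches what the comment says the check is for. The function body starts and continues outside the hunk.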
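Review bot: The meaning of `v` changes in the first apreq_util.c hunk without any comment: after `v = hde;` it rests on the delimiter itself instead of one byte past it, and the `*v == '='` test plus the added `++v` in the next hunk rely on that. A comment at the assignment, for example `/* v stays on the delimiter; the value parser below steps over '=' */`, would keep a later edit from quietly restoring the old off-by-one. The remaining assignments to `v` (for instance the path taken when the header ends right after the name) lie outside both hunks, so it is worth confirming that each of them also leaves `v` on a readable byte before `*v` is evaluated. A regression test for a header whose attribute name is the last thing in the string, with no `=`, would pin the behaviour.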