diff --git a/src/api.py b/src/api.py
index 417eba35..cd3a8962 100644
--- a/src/api.py
+++ b/src/api.py
@@ -623,6 +623,8 @@ class MySimpleXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
                 raise APIError(6, 'The encoding type must be 2 because that is the only one this program currently supports.')
             subject = self._decode(subject, "base64")
             message = self._decode(message, "base64")
+            if len(subject + message) > (2 ** 18 - 500):
+                raise APIError(27, 'Message is too long.')
             toAddress = addBMIfNotPresent(toAddress)
             fromAddress = addBMIfNotPresent(fromAddress)
             status, addressVersionNumber, streamNumber, toRipe = self._verifyAddress(toAddress)
@@ -666,7 +668,8 @@ class MySimpleXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
                 raise APIError(6, 'The encoding type must be 2 because that is the only one this program currently supports.')
             subject = self._decode(subject, "base64")
             message = self._decode(message, "base64")
-
+            if len(subject + message) > (2 ** 18 - 500):
+                raise APIError(27, 'Message is too long.')
             fromAddress = addBMIfNotPresent(fromAddress)
             self._verifyAddress(fromAddress)
             try:
@@ -912,7 +915,7 @@ class MySimpleXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
             return str(e)
         except varintDecodeError as e:
             logger.error(e)
-            return "Data contains a malformed varint. Some details: %s" % e
+            return "API Error 0026: Data contains a malformed varint. Some details: %s" % e
         except Exception as e:
             logger.exception(e)
             return "API Error 0021: Unexpected API Failure - %s" % str(e)
diff --git a/src/class_objectProcessor.py b/src/class_objectProcessor.py
index d37a9836..d8d65559 100644
--- a/src/class_objectProcessor.py
+++ b/src/class_objectProcessor.py
@@ -672,7 +672,7 @@ class objectProcessor(threading.Thread):
             logger.info('Version 1 broadcasts are no longer supported. Not processing it at all.')
         if broadcastVersion in [2,4]:
             """
-            v2 or v4 broadcasts are encrypted the same way the msgs were encrypted. To see if we are interested in a
+            v2 (and later v4) broadcasts are encrypted the same way the msgs were encrypted. To see if we are interested in a
             v2 broadcast, we try to decrypt it. This was replaced with v3 (and later v5) broadcasts which include a tag which 
             we check instead, just like we do with v4 pubkeys. 
             v2 and v3 broadcasts should be completely obsolete after the protocol v3 upgrade period and some code can be simplified.
@@ -849,9 +849,9 @@ class objectProcessor(threading.Thread):
                 return
 
             # broadcast version 3 includes the broadcast version at the beginning
-            # of the decryptedData. Broadcast version 4 doesn't.
+            # of the decryptedData. Broadcast version 5 doesn't.
             readPosition = 0
-            if broadcastVersion == 3:
+            if broadcastVersion == 3: # This section can be removed after the protocol v3 upgrade period
                 signedBroadcastVersion, signedBroadcastVersionLength = decodeVarint(
                     decryptedData[:10])
                 readPosition += signedBroadcastVersionLength