diff --git a/src/argv/ntapi_tt_array_utf16.c b/src/argv/ntapi_tt_array_utf16.c
index 3d58b73..540a7c1 100644
--- a/src/argv/ntapi_tt_array_utf16.c
+++ b/src/argv/ntapi_tt_array_utf16.c
@@ -179,7 +179,6 @@ int32_t __stdcall __ntapi_tt_array_convert_utf16_to_utf8(
 		*arrv	= (char *)(ch-(uintptr_t)base);
 		wch	= *warrv + diff;
 
-		/* all utf-16 streams at stake have been validated */
 		while (*wch && (ch < ubound)) {
 			if (*wch <= 0x7F) {
 				/* from: 00000000 0xxxxxxx (little endian) */
@@ -225,6 +224,12 @@ int32_t __stdcall __ntapi_tt_array_convert_utf16_to_utf8(
 
 				/* write the x part */
 				*ch = (char)(0x80 | wx);
+			} else if (wch[0] >= 0xDC00) {
+				return NT_STATUS_ILLEGAL_CHARACTER;
+			} else if (wch[1] < 0xDC00) {
+				return NT_STATUS_ILLEGAL_CHARACTER;
+			} else if (wch[1] >= 0xE000) {
+				return NT_STATUS_ILLEGAL_CHARACTER;
 			} else {
 				/* from: 110110ww  wwzzzzyy  110111yy  yyxxxxxx (little endian) */
 				/* to:   11110uuu  10uuzzzz  10yyyyyy  10xxxxxx (utf-8)         */