diff --git a/tests/unittests/torture_config.c b/tests/unittests/torture_config.c
index 751aa126..ebc2cdbd 100644
--- a/tests/unittests/torture_config.c
+++ b/tests/unittests/torture_config.c
@@ -2377,6 +2377,9 @@ static void torture_config_parse_uri(void **state)
     assert_null(username);
     assert_string_equal(hostname, "1:2:3::4");
     SAFE_FREE(hostname);
+
+    rc = ssh_config_parse_uri("user -name@", &username, NULL, NULL, true);
+    assert_int_equal(rc, SSH_ERROR);
 }
 
 int torture_run_tests(void)
diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c
index b07712d8..e41c15da 100644
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -86,6 +86,9 @@ static void torture_options_set_host(void **state) {
     assert_non_null(session->opts.username);
     assert_string_equal(session->opts.username, "at@login");
 
+    /* disallow metacharacters in the username */
+    rc = ssh_options_set(session, SSH_OPTIONS_HOST, "shallN()tP4ss -@hostname");
+    assert_ssh_return_code_equal(session, rc, SSH_ERROR);
 }
 
 static void torture_options_set_ciphers(void **state) {
@@ -393,6 +396,9 @@ static void torture_options_set_user(void **state) {
     assert_true(rc == 0);
 #endif /* _WIN32 */
 
+    rc = ssh_options_set(session, SSH_OPTIONS_USER, "&shallN()tP4ss");
+    assert_ssh_return_code_equal(session, rc, SSH_ERROR);
+
     rc = ssh_options_set(session, SSH_OPTIONS_USER, "guru");
     assert_true(rc == 0);
     assert_string_equal(session->opts.username, "guru");