diff --git a/src/options.c b/src/options.c
index 99383ad0..92fcca7d 100644
--- a/src/options.c
+++ b/src/options.c
@@ -825,12 +825,12 @@ int ssh_options_set(ssh_session session,
                 return -1;
             } else {
                 int *x = (int *) value;
-                if (*x <= 0) {
+                if (*x <= 0 || *x > 65535) {
                     ssh_set_error_invalid(session);
                     return -1;
                 }
 
-                session->opts.port = *x & 0xffffU;
+                session->opts.port = *x;
             }
             break;
         case SSH_OPTIONS_PORT_STR:
@@ -845,18 +845,18 @@ int ssh_options_set(ssh_session session,
                     return -1;
                 }
                 i = strtol(q, &p, 10);
-                if (q == p) {
+                if (q == p || *p != '\0') {
                     SSH_LOG(SSH_LOG_DEBUG, "No port number was parsed");
                     SAFE_FREE(q);
                     return -1;
                 }
                 SAFE_FREE(q);
-                if (i <= 0) {
+                if (i <= 0 || i > 65535) {
                     ssh_set_error_invalid(session);
                     return -1;
                 }
 
-                session->opts.port = i & 0xffffU;
+                session->opts.port = i;
             }
             break;
         case SSH_OPTIONS_FD:
diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c
index 2f7fbe0c..dd398e46 100644
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -853,9 +853,49 @@ static void torture_options_set_port(void **state)
     assert_true(rc == 0);
     assert_true(session->opts.port == 23);
 
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "23abc");
+    assert_true(rc == -1);
+    assert_true(session->opts.port == 23);
+
     rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "five");
     assert_true(rc == -1);
-    assert_int_not_equal(session->opts.port, 0);
+    assert_true(session->opts.port == 23);
+
+    port = 65535;
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
+    assert_true(rc == 0);
+    assert_true(session->opts.port == 65535);
+
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "65535");
+    assert_true(rc == 0);
+    assert_true(session->opts.port == 65535);
+
+    port = 65536;
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
+    assert_true(rc == -1);
+    assert_true(session->opts.port == 65535);
+
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "65536");
+    assert_true(rc == -1);
+    assert_true(session->opts.port == 65535);
+
+    port = 0;
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
+    assert_true(rc == -1);
+    assert_true(session->opts.port == 65535);
+
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "-1");
+    assert_true(rc == -1);
+    assert_true(session->opts.port == 65535);
+
+    port = 70000;
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT, &port);
+    assert_true(rc == -1);
+    assert_true(session->opts.port == 65535);
+
+    rc = ssh_options_set(session, SSH_OPTIONS_PORT_STR, "70000");
+    assert_true(rc == -1);
+    assert_true(session->opts.port == 65535);
 
     rc = ssh_options_set(session, SSH_OPTIONS_PORT, NULL);
     assert_true(rc == -1);