diff --git a/dtls.c b/dtls.c
index c091f01..c5e4870 100644
--- a/dtls.c
+++ b/dtls.c
@@ -437,6 +437,7 @@ dtls_write(struct dtls_context_t *ctx, session_t *session,
 
 static int
 dtls_get_cookie(uint8 *msg, size_t msglen, uint8 **cookie) {
+  size_t cookie_len;
   /* To access the cookie, we have to determine the session id's
    * length and skip the whole thing. */
   if (msglen < DTLS_HS_LENGTH + DTLS_CH_LENGTH + sizeof(uint8))
@@ -452,11 +453,11 @@ dtls_get_cookie(uint8 *msg, size_t msglen, uint8 **cookie) {
   SKIP_VAR_FIELD(msg, msglen, uint8, DTLS_ALERT_HANDSHAKE_FAILURE,
                  "get_cookie, session_id");
 
-  if (msglen < (*msg & 0xff) + sizeof(uint8))
-    return dtls_alert_fatal_create(DTLS_ALERT_HANDSHAKE_FAILURE);
+  GET_VAR_FIELD(cookie_len, msg, msglen, uint8, DTLS_ALERT_HANDSHAKE_FAILURE,
+                "get_cookie, cookie");
 
-  *cookie = msg + sizeof(uint8);
-  return dtls_uint8_to_int(msg);
+  *cookie = msg;
+  return cookie_len;
 }
 
 static int