diff --git a/print-bgp.c b/print-bgp.c
index 1827e422a..51299841f 100644
--- a/print-bgp.c
+++ b/print-bgp.c
@@ -1539,6 +1539,67 @@ check_add_path(netdissect_options *ndo, const u_char *pptr, u_int length,
     return 0;
 }
 
+static int
+bgp_mp_af_print(netdissect_options *ndo,
+	        const u_char *tptr, u_int tlen,
+		uint16_t *afp, uint8_t *safip)
+{
+	uint16_t af;
+	uint8_t safi;
+
+        af = GET_BE_U_2(tptr);
+	*afp = af;
+        safi = GET_U_1(tptr + 2);
+	*safip = safi;
+
+        ND_PRINT("\n\t    AFI: %s (%u), %sSAFI: %s (%u)",
+                  tok2str(af_values, "Unknown AFI", af),
+                  af,
+                  (safi>128) ? "vendor specific " : "", /* 128 is meanwhile wellknown */
+                  tok2str(bgp_safi_values, "Unknown SAFI", safi),
+                  safi);
+
+        switch(af<<8 | safi) {
+        case (AFNUM_INET<<8 | SAFNUM_UNICAST):
+        case (AFNUM_INET<<8 | SAFNUM_MULTICAST):
+        case (AFNUM_INET<<8 | SAFNUM_UNIMULTICAST):
+        case (AFNUM_INET<<8 | SAFNUM_LABUNICAST):
+        case (AFNUM_INET<<8 | SAFNUM_RT_ROUTING_INFO):
+        case (AFNUM_INET<<8 | SAFNUM_VPNUNICAST):
+        case (AFNUM_INET<<8 | SAFNUM_VPNMULTICAST):
+        case (AFNUM_INET<<8 | SAFNUM_VPNUNIMULTICAST):
+        case (AFNUM_INET<<8 | SAFNUM_MULTICAST_VPN):
+        case (AFNUM_INET<<8 | SAFNUM_MDT):
+        case (AFNUM_INET6<<8 | SAFNUM_UNICAST):
+        case (AFNUM_INET6<<8 | SAFNUM_MULTICAST):
+        case (AFNUM_INET6<<8 | SAFNUM_UNIMULTICAST):
+        case (AFNUM_INET6<<8 | SAFNUM_LABUNICAST):
+        case (AFNUM_INET6<<8 | SAFNUM_VPNUNICAST):
+        case (AFNUM_INET6<<8 | SAFNUM_VPNMULTICAST):
+        case (AFNUM_INET6<<8 | SAFNUM_VPNUNIMULTICAST):
+        case (AFNUM_NSAP<<8 | SAFNUM_UNICAST):
+        case (AFNUM_NSAP<<8 | SAFNUM_MULTICAST):
+        case (AFNUM_NSAP<<8 | SAFNUM_UNIMULTICAST):
+        case (AFNUM_NSAP<<8 | SAFNUM_VPNUNICAST):
+        case (AFNUM_NSAP<<8 | SAFNUM_VPNMULTICAST):
+        case (AFNUM_NSAP<<8 | SAFNUM_VPNUNIMULTICAST):
+        case (AFNUM_L2VPN<<8 | SAFNUM_VPNUNICAST):
+        case (AFNUM_L2VPN<<8 | SAFNUM_VPNMULTICAST):
+        case (AFNUM_L2VPN<<8 | SAFNUM_VPNUNIMULTICAST):
+        case (AFNUM_VPLS<<8 | SAFNUM_VPLS):
+            break;
+        default:
+            ND_TCHECK_LEN(tptr, tlen);
+            ND_PRINT("\n\t    no AFI %u / SAFI %u decoder", af, safi);
+            if (ndo->ndo_vflag <= 1)
+                print_unknown_data(ndo, tptr, "\n\t    ", tlen);
+            return -1;
+        }
+	return 0;
+trunc:
+	return -2;
+}
+
 static int
 bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi,
 	       const u_char *tptr, u_int len,
@@ -1696,15 +1757,10 @@ bgp_nlri_print(netdissect_options *ndo, uint16_t af, uint8_t safi,
                 break;
             default:
 		/*
-		 * We're just confused here.
-		 * tlen was the next-hop length.
-                ND_TCHECK_LEN(tptr, tlen);
-		 */
-                ND_PRINT("\n\t    no AFI %u / SAFI %u decoder", af, safi);
-		/*
-                if (ndo->ndo_vflag <= 1)
-                    print_unknown_data(ndo, tptr, "\n\t    ", tlen);
+		 * This should not happen, we should have been protected
+		 * by bgp_mp_af_print()'s return value.
 		 */
+                ND_PRINT("\n\t    ERROR: no AFI %u / SAFI %u decoder", af, safi);
                 advance = -4;
                 break;
 	}
@@ -1727,6 +1783,7 @@ bgp_attr_print(netdissect_options *ndo,
     u_int as_size;
     int add_path4, add_path6;
     u_int path_id = 0;
+    int ret;
 
     tptr = pptr;
     tlen = len;
@@ -1899,53 +1956,11 @@ bgp_attr_print(netdissect_options *ndo,
         ND_TCHECK_3(tptr);
         if (tlen < 3)
             goto trunc;
-        af = GET_BE_U_2(tptr);
-        safi = GET_U_1(tptr + 2);
-
-        ND_PRINT("\n\t    AFI: %s (%u), %sSAFI: %s (%u)",
-                  tok2str(af_values, "Unknown AFI", af),
-                  af,
-                  (safi>128) ? "vendor specific " : "", /* 128 is meanwhile wellknown */
-                  tok2str(bgp_safi_values, "Unknown SAFI", safi),
-                  safi);
-
-        switch(af<<8 | safi) {
-        case (AFNUM_INET<<8 | SAFNUM_UNICAST):
-        case (AFNUM_INET<<8 | SAFNUM_MULTICAST):
-        case (AFNUM_INET<<8 | SAFNUM_UNIMULTICAST):
-        case (AFNUM_INET<<8 | SAFNUM_LABUNICAST):
-        case (AFNUM_INET<<8 | SAFNUM_RT_ROUTING_INFO):
-        case (AFNUM_INET<<8 | SAFNUM_VPNUNICAST):
-        case (AFNUM_INET<<8 | SAFNUM_VPNMULTICAST):
-        case (AFNUM_INET<<8 | SAFNUM_VPNUNIMULTICAST):
-        case (AFNUM_INET<<8 | SAFNUM_MULTICAST_VPN):
-        case (AFNUM_INET<<8 | SAFNUM_MDT):
-        case (AFNUM_INET6<<8 | SAFNUM_UNICAST):
-        case (AFNUM_INET6<<8 | SAFNUM_MULTICAST):
-        case (AFNUM_INET6<<8 | SAFNUM_UNIMULTICAST):
-        case (AFNUM_INET6<<8 | SAFNUM_LABUNICAST):
-        case (AFNUM_INET6<<8 | SAFNUM_VPNUNICAST):
-        case (AFNUM_INET6<<8 | SAFNUM_VPNMULTICAST):
-        case (AFNUM_INET6<<8 | SAFNUM_VPNUNIMULTICAST):
-        case (AFNUM_NSAP<<8 | SAFNUM_UNICAST):
-        case (AFNUM_NSAP<<8 | SAFNUM_MULTICAST):
-        case (AFNUM_NSAP<<8 | SAFNUM_UNIMULTICAST):
-        case (AFNUM_NSAP<<8 | SAFNUM_VPNUNICAST):
-        case (AFNUM_NSAP<<8 | SAFNUM_VPNMULTICAST):
-        case (AFNUM_NSAP<<8 | SAFNUM_VPNUNIMULTICAST):
-        case (AFNUM_L2VPN<<8 | SAFNUM_VPNUNICAST):
-        case (AFNUM_L2VPN<<8 | SAFNUM_VPNMULTICAST):
-        case (AFNUM_L2VPN<<8 | SAFNUM_VPNUNIMULTICAST):
-        case (AFNUM_VPLS<<8 | SAFNUM_VPLS):
-            break;
-        default:
-            ND_TCHECK_LEN(tptr, tlen);
-            ND_PRINT("\n\t    no AFI %u / SAFI %u decoder", af, safi);
-            if (ndo->ndo_vflag <= 1)
-                print_unknown_data(ndo, tptr, "\n\t    ", tlen);
-            goto done;
-            break;
-        }
+	ret = bgp_mp_af_print(ndo, tptr, tlen, &af, &safi);
+	if (ret == -2)
+	    goto trunc;
+	if (ret < 0)
+	    break;
 
         tptr +=3;
 
@@ -2070,10 +2085,11 @@ bgp_attr_print(netdissect_options *ndo,
                     }
                     break;
                 default:
-                    ND_TCHECK_LEN(tptr, tlen);
-                    ND_PRINT("no AFI %u/SAFI %u decoder", af, safi);
-                    if (ndo->ndo_vflag <= 1)
-                        print_unknown_data(ndo, tptr, "\n\t    ", tlen);
+		    /*
+		     * bgp_mp_af_print() should have saved us from
+		     * an unsupported AFI/SAFI.
+		     */
+                    ND_PRINT("ERROR: no AFI %u/SAFI %u nexthop decoder", af, safi);
                     tptr += tlen;
                     tlen = 0;
                     goto done;
@@ -2111,20 +2127,15 @@ bgp_attr_print(netdissect_options *ndo,
                 break;
             tptr += advance;
         }
-    done:
         break;
 
     case BGPTYPE_MP_UNREACH_NLRI:
         ND_TCHECK_LEN(tptr, BGP_MP_NLRI_MINSIZE);
-        af = GET_BE_U_2(tptr);
-        safi = GET_U_1(tptr + 2);
-
-        ND_PRINT("\n\t    AFI: %s (%u), %sSAFI: %s (%u)",
-                  tok2str(af_values, "Unknown AFI", af),
-                  af,
-                  (safi>128) ? "vendor specific " : "", /* 128 is meanwhile wellknown */
-                  tok2str(bgp_safi_values, "Unknown SAFI", safi),
-                  safi);
+	ret = bgp_mp_af_print(ndo, tptr, tlen, &af, &safi);
+	if (ret == -2)
+	    goto trunc;
+	if (ret < 0)
+	    break;
 
         if (len == BGP_MP_NLRI_MINSIZE)
             ND_PRINT("\n\t      End-of-Rib Marker (empty NLRI)");
@@ -2376,6 +2387,7 @@ bgp_attr_print(netdissect_options *ndo,
             print_unknown_data(ndo, pptr, "\n\t    ", len);
         break;
     }
+done:
     if (ndo->ndo_vflag > 1 && len) { /* omit zero length attributes*/
         ND_TCHECK_LEN(pptr, len);
         print_unknown_data(ndo, pptr, "\n\t    ", len);