Change decodeTypeAndVal to return an error if the first octet is 0.
diff --git a/ndn-cpp/encoding/BinaryXMLDecoder.c b/ndn-cpp/encoding/BinaryXMLDecoder.c
index ad32909..f5e4928 100644
--- a/ndn-cpp/encoding/BinaryXMLDecoder.c
+++ b/ndn-cpp/encoding/BinaryXMLDecoder.c
@@ -28,6 +28,7 @@
 char *ndn_BinaryXMLDecoder_decodeTypeAndValue(struct ndn_BinaryXMLDecoder *self, unsigned int *type, unsigned int *valueOut) 
 {
   unsigned int value = 0;
+  int gotFirstOctet = 0;
   
 	while (1) {
     if (self->offset >= self->inputLength)
@@ -35,6 +36,13 @@
     
 		unsigned int octet = unsafeReadOctet(self);
 		
+    if (!gotFirstOctet) {
+      if (octet == 0)
+        return "ndn_BinaryXMLDecoder_decodeTypeAndVal: the first header octet may not be zero";
+      
+      gotFirstOctet = 1;
+    }
+    
 		if (octet & ndn_BinaryXML_TT_FINAL) {
       // Finished.
 			*type = octet & ndn_BinaryXML_TT_MASK;
diff --git a/ndn-cpp/encoding/BinaryXMLDecoder.h b/ndn-cpp/encoding/BinaryXMLDecoder.h
index 7696541..0f3285b 100644
--- a/ndn-cpp/encoding/BinaryXMLDecoder.h
+++ b/ndn-cpp/encoding/BinaryXMLDecoder.h
@@ -26,11 +26,10 @@
 
 /**
  * Decode the header's type and value from self's input starting at offset. Update offset.
- * Even though the first byte should not be zero, this silently ignores initial zeros.
  * @param self pointer to the ndn_BinaryXMLDecoder struct
  * @param type output for the header type
  * @param value output for the header value
- * @return 0 for success, else an error string for read past the end of the input
+ * @return 0 for success, else an error string for read past the end of the input or if the initial byte is zero
  */
 char *ndn_BinaryXMLDecoder_decodeTypeAndValue(struct ndn_BinaryXMLDecoder *self, unsigned int *type, unsigned int *value);