diff --git a/src/ripple/rpc/impl/TransactionSign.cpp b/src/ripple/rpc/impl/TransactionSign.cpp
index 1e6d8dd192..6b1474f90a 100644
--- a/src/ripple/rpc/impl/TransactionSign.cpp
+++ b/src/ripple/rpc/impl/TransactionSign.cpp
@@ -785,6 +785,9 @@ static Json::Value checkMultiSignFields (Json::Value const& jvRequest)
 
     Json::Value const& tx_json (jvRequest [jss::tx_json]);
 
+    if (!tx_json.isObject())
+        return RPC::invalid_field_message (jss::tx_json);
+
     // There are a couple of additional fields we need to check before
     // we serialize.  If we serialize first then we generate less useful
     //error messages.
@@ -878,13 +881,17 @@ Json::Value transactionSignFor (
             RPC::invalid_field_message (accountField));
     }
 
-    // If the tx_json.SigningPubKey field is missing, insert an empty one.
-    // RIPD-1036.
    if (! jvRequest.isMember (jss::tx_json))
         return RPC::missing_field_error (jss::tx_json);
 
     {
         Json::Value& tx_json (jvRequest [jss::tx_json]);
+
+        if (!tx_json.isObject())
+            return RPC::object_field_error (jss::tx_json);
+
+        // If the tx_json.SigningPubKey field is missing,
+        // insert an empty one.
         if (!tx_json.isMember (sfSigningPubKey.getJsonName()))
             tx_json[sfSigningPubKey.getJsonName()] = "";
     }
diff --git a/src/ripple/rpc/tests/JSONRPC.test.cpp b/src/ripple/rpc/tests/JSONRPC.test.cpp
index 1965c957e2..bd6c7f247f 100644
--- a/src/ripple/rpc/tests/JSONRPC.test.cpp
+++ b/src/ripple/rpc/tests/JSONRPC.test.cpp
@@ -1112,6 +1112,45 @@ R"({
 "Missing field 'tx_json.TransactionType'.",
 "Missing field 'tx_json.TransactionType'."}},
 
+{ "Invalid field 'tx_json': string instead of object",
+R"({
+    "command": "doesnt_matter",
+    "account": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
+    "secret": "masterpassphrase",
+    "tx_json": ""
+})",
+{
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object."}},
+
+{ "Invalid field 'tx_json': integer instead of object",
+R"({
+    "command": "doesnt_matter",
+    "account": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
+    "secret": "masterpassphrase",
+    "tx_json": 20160331
+})",
+{
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object."}},
+
+{ "Invalid field 'tx_json': array instead of object",
+R"({
+    "command": "doesnt_matter",
+    "account": "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh",
+    "secret": "masterpassphrase",
+    "tx_json": [ "hello", "world" ]
+})",
+{
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object.",
+"Invalid field 'tx_json', not object."}},
+
 { "Minimal submit_multisigned.",
 R"({
     "command": "submit_multisigned",