diff --git a/libavcodec/tiff.c b/libavcodec/tiff.c
index 8de1ebd1bf..a30e1a948a 100644
--- a/libavcodec/tiff.c
+++ b/libavcodec/tiff.c
@@ -253,6 +253,10 @@ static int tiff_unpack_strip(TiffContext *s, uint8_t *dst, int stride,
             break;
         case TIFF_PACKBITS:
             for (pixels = 0; pixels < width;) {
+                if (ssrc + size - src < 2) {
+                    av_log(s->avctx, AV_LOG_ERROR, "Read went out of bounds\n");
+                    return AVERROR_INVALIDDATA;
+                }
                 code = (int8_t) * src++;
                 if (code >= 0) {
                     code++;
@@ -261,6 +265,10 @@ static int tiff_unpack_strip(TiffContext *s, uint8_t *dst, int stride,
                                "Copy went out of bounds\n");
                         return -1;
                     }
+                    if (ssrc + size - src < code) {
+                        av_log(s->avctx, AV_LOG_ERROR, "Read went out of bounds\n");
+                        return AVERROR_INVALIDDATA;
+                    }
                     horizontal_fill(s->bpp * (s->avctx->pix_fmt == PIX_FMT_PAL8),
                                     dst, 1, src, 0, code, pixels);
                     src += code;