diff --git a/netwerk/srtp/src/srtp/srtp.c b/netwerk/srtp/src/srtp/srtp.c
--- a/netwerk/srtp/src/srtp/srtp.c
+++ b/netwerk/srtp/src/srtp/srtp.c
@@ -802,16 +802,18 @@ srtp_stream_init(srtp_stream_ctx_t *srtp
     * if we're not providing confidentiality, set enc_start to NULL
     */
    if (stream->rtp_services & sec_serv_conf) {
      enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc;  
      if (hdr->x == 1) {
        srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
        enc_start += (ntohs(xtn_hdr->length) + 1);
      }
+     if (!((uint8_t*)enc_start < (uint8_t*)hdr + *pkt_octet_len))
+       return err_status_parse_err;
      enc_octet_len = (unsigned int)(*pkt_octet_len 
 				    - ((enc_start - (uint32_t *)hdr) << 2));
    } else {
      enc_start = NULL;
    }
 
    /* 
     * if we're providing authentication, set the auth_start and auth_tag
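Review bot: The added bounds check runs only after `ntohs(xtn_hdr->length)` has been read, so when `hdr->x == 1` and the packet ends before the extension header, the length field is still read from beyond `*pkt_octet_len`. The extension header itself should be bounded before the dereference, e.g. `if ((uint8_t *)(xtn_hdr + 1) > (uint8_t *)hdr + *pkt_octet_len) return err_status_parse_err;` placed ahead of the `enc_start +=` line. The second hunk (the `srtp_unprotect` path) has the same ordering and needs the same guard, with `*pkt_octet_len - tag_len` as the limit. The strict `<` also rejects a packet whose payload is empty, which may or may not be intended when protecting outgoing packets. The enclosing function starts and ends outside the hunk, so an earlier length validation cannot be ruled out from here.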
@@ -1071,16 +1073,18 @@ srtp_unprotect(srtp_ctx_t *ctx, void *sr
    * if we're not providing confidentiality, set enc_start to NULL
    */
   if (stream->rtp_services & sec_serv_conf) {
     enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc;  
     if (hdr->x == 1) {
       srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
       enc_start += (ntohs(xtn_hdr->length) + 1);
     }  
+    if (!((uint8_t*)enc_start < (uint8_t*)hdr + (*pkt_octet_len - tag_len)))
+      return err_status_parse_err;
     enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len 
 			       - ((enc_start - (uint32_t *)hdr) << 2));
   } else {
     enc_start = NULL;
   }
 
   /* 
    * if we're providing authentication, set the auth_start and auth_tag
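Review bot: The limit `(uint8_t*)hdr + (*pkt_octet_len - tag_len)` in the added check assumes the packet is at least `tag_len` octets long, and nothing visible in this hunk verifies that. The declarations are outside the hunk: if the operands are signed, a short packet puts the limit before `hdr`, which is rejected in practice but relies on out-of-range pointer arithmetic; if the subtraction is unsigned it wraps and the check passes. An explicit `if (*pkt_octet_len < tag_len) return err_status_parse_err;` before the pointer comparison would make the rejection independent of the types. The same subtraction feeds `enc_octet_len` two lines below, so the guard covers that as well.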
