diff --git a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
index e5e8bd56..a265e40e 100644
--- a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
+++ b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
@@ -1005,6 +1005,11 @@ status_t WVDrmPlugin::mapOEMCryptoResult(OEMCryptoResult res) {
 bool WVDrmPlugin::initDataResemblesPSSH(const Vector& initData) {
 const uint8_t* const initDataArray = initData.array();
 
+ if (sizeof(uint32_t) + kPsshTag.size() > initData.size()) {
+ // The init data is so small that it couldn't contain a size and PSSH tag.
+ return false;
+ }
+
 // Extract the size field
 const uint8_t* const sizeField = &initDataArray[0];
 uint32_t nboSize;
diff --git a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
index 254ebf2c..3261e2e1 100644
--- a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
+++ b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
@@ -1312,6 +1312,11 @@ status_t WVDrmPlugin::mapOEMCryptoResult(OEMCryptoResult res) {
 bool WVDrmPlugin::initDataResemblesPSSH(const std::vector& initData) {
 const uint8_t* const initDataArray = initData.data();
 
+ if (sizeof(uint32_t) + kPsshTag.size() > initData.size()) {
+ // The init data is so small that it couldn't contain a size and PSSH tag.
+ return false;
+ }
+
 // Extract the size field
 const uint8_t* const sizeField = &initDataArray[0];
 uint32_t nboSize;
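Review bot: The new guard in `initDataResemblesPSSH` only proves that the 4-byte size field and the PSSH tag are readable; it puts no bound on the value later decoded from `nboSize`, and the rest of the function lies outside the hunk, so that handling cannot be checked from here. If the decoded length is trusted anywhere after this point, it should be rejected when it is smaller than `sizeof(uint32_t) + kPsshTag.size()` or larger than `initData.size()`. The identical guard is added to `src_hidl/WVDrmPlugin.cpp`, so the same applies there; the minimum-length expression would be easier to keep in sync as one named constant shared by both plugins. No regression test is visible in this change: a case that passes empty init data and init data one byte shorter than the size-plus-tag header to both variants would pin the fix.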