diff --git a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
index 77793b6c..c141b4ba 100644
--- a/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
+++ b/libwvdrmengine/mediadrm/src/WVDrmPlugin.cpp
@@ -1008,6 +1008,11 @@ status_t WVDrmPlugin::mapOEMCryptoResult(OEMCryptoResult res) {
 bool WVDrmPlugin::initDataResemblesPSSH(const Vector<uint8_t>& initData) {
   const uint8_t* const initDataArray = initData.array();
 
+  if (sizeof(uint32_t) + kPsshTag.size() > initData.size()) {
+    // The init data is so small that it couldn't contain a size and PSSH tag.
+    return false;
+  }
+
   // Extract the size field
   const uint8_t* const sizeField = &initDataArray[0];
   uint32_t nboSize;
diff --git a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
index 5202e45b..1fa1563e 100644
--- a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
+++ b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
@@ -1316,6 +1316,11 @@ status_t WVDrmPlugin::mapOEMCryptoResult(OEMCryptoResult res) {
 bool WVDrmPlugin::initDataResemblesPSSH(const std::vector<uint8_t>& initData) {
   const uint8_t* const initDataArray = initData.data();
 
+  if (sizeof(uint32_t) + kPsshTag.size() > initData.size()) {
+    // The init data is so small that it couldn't contain a size and PSSH tag.
+    return false;
+  }
+
   // Extract the size field
   const uint8_t* const sizeField = &initDataArray[0];
   uint32_t nboSize;