diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
index 092528ee3e..b60b2a0238 100644
--- a/libavcodec/pngdec.c
+++ b/libavcodec/pngdec.c
@@ -813,6 +813,11 @@ static int decode_fctl_chunk(AVCodecContext *avctx, PNGDecContext *s,
     if (length != 26)
         return AVERROR_INVALIDDATA;
 
+    if (!(s->state & PNG_IHDR)) {
+        av_log(avctx, AV_LOG_ERROR, "fctl before IHDR\n");
+        return AVERROR_INVALIDDATA;
+    }
+
     sequence_number = bytestream2_get_be32(&s->gb);
     s->cur_w        = bytestream2_get_be32(&s->gb);
     s->cur_h        = bytestream2_get_be32(&s->gb);