diff --git a/libavcodec/arbc.c b/libavcodec/arbc.c
index 11942e1983..a8b0bb0d8b 100644
--- a/libavcodec/arbc.c
+++ b/libavcodec/arbc.c
@@ -117,6 +117,15 @@ static int decode_frame(AVCodecContext *avctx, void *data,
     if (avpkt->size < 10)
         return AVERROR_INVALIDDATA;
 
+    bytestream2_init(&s->gb, avpkt->data, avpkt->size);
+    bytestream2_skip(&s->gb, 8);
+    nb_segments = bytestream2_get_le16(&s->gb);
+    if (nb_segments == 0)
+        keyframe = 0;
+
+    if (7 * nb_segments > bytestream2_get_bytes_left(&s->gb))
+        return AVERROR_INVALIDDATA;
+
     if ((ret = ff_get_buffer(avctx, frame, AV_GET_BUFFER_FLAG_REF)) < 0)
         return ret;
 
@@ -126,12 +135,6 @@ static int decode_frame(AVCodecContext *avctx, void *data,
         return ret;
     }
 
-    bytestream2_init(&s->gb, avpkt->data, avpkt->size);
-    bytestream2_skip(&s->gb, 8);
-    nb_segments = bytestream2_get_le16(&s->gb);
-    if (nb_segments == 0)
-        keyframe = 0;
-
     for (int i = 0; i < nb_segments; i++) {
         int resolution_flag;
         int fill;
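Review bot: The bound `7 * nb_segments` in the added early check is an unexplained magic number. A reader cannot tell that 7 is presumably the minimum number of bytes one segment consumes in the loop, nor keep it in sync if the segment layout changes. I would add a comment above the check such as `/* every segment needs at least 7 bytes; reject truncated packets before allocating a frame */`, or give the constant a name. The check is only a lower bound on the packet size, so the per-segment reads in the loop still need their own bounds handling; that code lies outside the visible hunks, as do the start and end of decode_frame.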