diff --git a/OpenEXR/IlmImf/ImfDwaCompressor.cpp b/OpenEXR/IlmImf/ImfDwaCompressor.cpp
index 44a195bf66..8dc0885e42 100644
--- a/OpenEXR/IlmImf/ImfDwaCompressor.cpp
+++ b/OpenEXR/IlmImf/ImfDwaCompressor.cpp
@@ -268,8 +268,9 @@ struct DwaCompressor::Classifier
                                 " (truncated rule).");
             
         {
-            char suffix[Name::SIZE];
-            memset (suffix, 0, Name::SIZE);
+            // maximum length of string plus one byte for terminating NULL
+            char suffix[Name::SIZE+1];
+            memset (suffix, 0, Name::SIZE+1);
             Xdr::read<CharPtrIO> (ptr, std::min(size, Name::SIZE-1), suffix);
             _suffix = std::string(suffix);
         }
@@ -2816,6 +2817,14 @@ DwaCompressor::uncompress
                     if (IMATH_NAMESPACE::modp (y, cd->ySampling) != 0)
                         continue;
 
+                    //
+                    // sanity check for buffer data lying within range
+                    //
+                    if (cd->planarUncBufferEnd + dstScanlineSize - _planarUncBuffer[UNKNOWN] > _planarUncBufferSize[UNKNOWN] )
+                    {
+                        throw Iex::InputExc("DWA data corrupt");
+                    }
+
                     memcpy (rowPtrs[chan][row],
                             cd->planarUncBufferEnd,
                             dstScanlineSize);