diff --git a/src/webpimage.cpp b/src/webpimage.cpp
index e4057d6..f1dd77c 100644
--- a/src/webpimage.cpp
+++ b/src/webpimage.cpp
@@ -44,6 +44,8 @@
 #include "tiffimage.hpp"
 #include "tiffimage_int.hpp"
 #include "convert.hpp"
+#include "enforce.hpp"
+
 #include
 #include
 #include
@@ -516,6 +518,8 @@ namespace Exiv2 {
 DataBuf payload(size);
 if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8X) && !has_canvas_data) {
+ enforce(size >= 10, Exiv2::kerCorruptedMetadata);
+
 has_canvas_data = true;
 byte size_buf[WEBP_TAG_SIZE];
@@ -531,6 +535,8 @@ namespace Exiv2 {
 size_buf[3] = 0;
 pixelHeight_ = Exiv2::getULong(size_buf, littleEndian) + 1;
 } else if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8) && !has_canvas_data) {
+ enforce(size >= 10, Exiv2::kerCorruptedMetadata);
+
 has_canvas_data = true;
 io_->read(payload.pData_, payload.size_);
 byte size_buf[WEBP_TAG_SIZE];
@@ -547,6 +553,8 @@ namespace Exiv2 {
 size_buf[3] = 0;
 pixelHeight_ = Exiv2::getULong(size_buf, littleEndian) & 0x3fff;
 } else if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8L) && !has_canvas_data) {
+ enforce(size >= 5, Exiv2::kerCorruptedMetadata);
+
 has_canvas_data = true;
 byte size_buf_w[2];
 byte size_buf_h[3];
@@ -564,6 +572,8 @@ namespace Exiv2 {
 size_buf_h[1] = ((size_buf_h[1] >> 6) & 0x3) | ((size_buf_h[2] & 0xF) << 0x2);
 pixelHeight_ = Exiv2::getUShort(size_buf_h, littleEndian) + 1;
 } else if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_ANMF) && !has_canvas_data) {
+ enforce(size >= 12, Exiv2::kerCorruptedMetadata);
+
 has_canvas_data = true;
 byte size_buf[WEBP_TAG_SIZE];
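Review bot: The minimum length in `enforce(size >= 10, Exiv2::kerCorruptedMetadata);` is a bare literal, as are the `10`, `5` and `12` in the VP8, VP8L and ANMF hunks, and nothing ties them to the payload offsets they are meant to protect. Those reads are outside the hunks, so the values cannot be checked from here; presumably each one is the highest payload index copied in that branch plus one. A one-line comment above each check would let the next maintainer keep the bound in step with the parsing code, for example `// VP8X: the dimension fields copied below lie within the first 10 payload bytes`. A named constant per chunk type would do the same job. The enclosing function begins and ends outside these hunks.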
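Review bot: In the VP8 branch the new check bounds only the declared chunk length, while the result of `io_->read(payload.pData_, payload.size_);` two lines later is still discarded. On a truncated file `size` can pass the `>= 10` test even though fewer bytes arrive, so the width and height would be taken from buffer contents that did not come from the file. Checking the count closes that gap, e.g. `enforce(io_->read(payload.pData_, payload.size_) == payload.size_, Exiv2::kerCorruptedMetadata);`. The reads for the VP8X, VP8L and ANMF branches are not visible in their hunks and may need the same treatment. It is also not visible whether `size` is capped against the remaining file length before `DataBuf payload(size)` allocates.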