Index: LibRaw-0.18.9/internal/dcraw_common.cpp
===================================================================
--- LibRaw-0.18.9.orig/internal/dcraw_common.cpp
+++ LibRaw-0.18.9/internal/dcraw_common.cpp
@@ -532,14 +532,36 @@ ushort * CLASS make_decoder_ref (const u
 
   count = (*source += 16) - 17;
   for (max=16; max && !count[max]; max--);
-  huff = (ushort *) calloc (1 + (1 << max), sizeof *huff);
-  merror (huff, "make_decoder()");
+
+  uint32_t tsize = 1 << max;
+  huff = (ushort *)calloc(1 + tsize, sizeof *huff);
+  if (!huff) throw LIBRAW_EXCEPTION_ALLOC;
+
   huff[0] = max;
+  int pos = 0;
+
   for (h=len=1; len <= max; len++)
+  {
     for (i=0; i < count[len]; i++, ++*source)
+    {
+      pos++;
+      if (pos > 256)
+      {
+        free(huff);
+        throw LIBRAW_EXCEPTION_IO_CORRUPT;
+      }
+
       for (j=0; j < 1 << (max-len); j++)
-	if (h <= 1 << max)
-	  huff[h++] = len << 8 | **source;
+      {
+        if (h > (int)tsize)
+        {
+          free(huff);
+          throw LIBRAW_EXCEPTION_IO_CORRUPT;
+        }
+        huff[h++] = len << 8 | **source;
+      }
+    }
+  }
   return huff;
 }
 
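Review bot: The `pos > 256` cap in the `count[len]` loop is an unexplained constant and is only enforced after `huff` has been allocated, which is why the hunk carries two identical `free(huff); throw LIBRAW_EXCEPTION_IO_CORRUPT;` exits. Summing the counts before the `calloc` would reject an oversized table with nothing to clean up, e.g. `int total = 0; for (i = 1; i <= max; i++) total += count[i];` followed by `if (total > 256) throw LIBRAW_EXCEPTION_IO_CORRUPT;`. A comment such as `/* each entry keeps its symbol in the low byte, so a valid table has at most 256 symbols */` would record where the number comes from. The cap limits how far `*source` is advanced (16 count bytes plus at most 256 symbols), but no end-of-buffer value is visible in the hunk, so whether every caller's buffer is that large still has to be confirmed at the call sites. The function's signature and opening lines are outside the hunk.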
