diff --git a/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java b/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java
index aa87fb82ef7..b0679afc437 100644
--- a/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java
+++ b/jdk/src/share/classes/sun/awt/image/GifImageDecoder.java
@@ -585,9 +585,16 @@ public class GifImageDecoder extends ImageDecoder {
             System.out.print("Reading a " + width + " by " + height + " " +
                       (interlace ? "" : "non-") + "interlaced image...");
         }
-
+        int initCodeSize = ExtractByte(block, 9);
+        if (initCodeSize >= 12) {
+            if (verbose) {
+                System.out.println("Invalid initial code size: " +
+                                   initCodeSize);
+            }
+            return false;
+        }
         boolean ret = parseImage(x, y, width, height,
-                                 interlace, ExtractByte(block, 9),
+                                 interlace, initCodeSize,
                                  block, rasline, model);
 
         if (!ret) {
diff --git a/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c b/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c
index 1429931f8c6..893007f1366 100644
--- a/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c
+++ b/jdk/src/share/native/sun/awt/image/gif/gifdecoder.c
@@ -191,6 +191,11 @@ Java_sun_awt_image_GifImageDecoder_parseImage(JNIEnv *env,
     int passht = passinc;
     int len;
 
+    /* We have verified the initial code size on the java layer.
+     * Here we just check bounds for particular indexes. */
+    if (freeCode >= 4096 || maxCode >= 4096) {
+        return 0;
+    }
     if (blockh == 0 || raslineh == 0
         || prefixh == 0 || suffixh == 0
         || outCodeh == 0)