diff --git a/src/imageformats/ras.cpp b/src/imageformats/ras.cpp
index bd250ff..b347258 100644
--- a/src/imageformats/ras.cpp
+++ b/src/imageformats/ras.cpp
@@ -221,9 +221,16 @@ static bool LoadRAS(QDataStream &s, const RasHeader &ras, QImage &img)
 // Read palette if needed.
 if (ras.ColorMapType == RAS_COLOR_MAP_TYPE_RGB) {
+ // max 256 rgb elements palette is supported
+ if (ras.ColorMapLength > 768) {
+ return false;
+ }
 QList palette(ras.ColorMapLength);
 for (quint32 i = 0; i < ras.ColorMapLength; ++i) {
 s >> palette[i];
+ if (s.status() != QDataStream::Ok) {
+ return false;
+ }
 }
 QList colorTable;
 for (quint32 i = 0, n = ras.ColorMapLength / 3; i < n; ++i) {
@@ -233,9 +240,6 @@ static bool LoadRAS(QDataStream &s, const RasHeader &ras, QImage &img)
 colorTable << qRgb(255, 255, 255);
 }
 img.setColorTable(colorTable);
- if (s.status() != QDataStream::Ok) {
- return false;
- }
 }
 LineDecoder dec(s.device(), ras);
diff --git a/src/imageformats/rgb.cpp b/src/imageformats/rgb.cpp
index bfd92d3..f10251e 100644
--- a/src/imageformats/rgb.cpp
+++ b/src/imageformats/rgb.cpp
@@ -360,11 +360,15 @@ bool SGIImage::readImage(QImage &img)
 }
 _lengthtab = new quint32[_numrows];
- for (l = 0; l < _numrows; l++) {
+ for (l = 0; !_stream.atEnd() && l < _numrows; l++) {
 _stream >> _lengthtab[l];
 }
 }
+ if (_stream.status() != QDataStream::Ok) {
+ return false;
+ }
+ _data = _dev->readAll(); // sanity check
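Review bot: The new guard `ras.ColorMapLength > 768` still accepts lengths that are not a multiple of 3, while the colour-table loop further down the first ras.cpp hunk splits the palette with `n = ras.ColorMapLength / 3`, so up to two trailing palette elements are read and then ignored. If such headers are not valid for this format, reject them in the same guard: `if (ras.ColorMapLength > 768 || ras.ColorMapLength % 3 != 0) {`. The comment would also be clearer if it said where 768 comes from, e.g. `// at most 256 palette entries x 3 channels (assuming one element per channel value)`. LoadRAS starts and ends outside the hunk, so how the palette elements are indexed when the colour table is built is not visible here.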
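Review bot: The added `!_stream.atEnd()` condition in the rgb.cpp hunk lets the loop stop before `_numrows` entries have been read without any read failing, so the status check added after the block can still see `QDataStream::Ok` for a length table that is cut short on an element boundary. Because `_lengthtab` comes from `new quint32[_numrows]` with no initialiser, the unread tail then holds indeterminate values, which later code presumably uses as per-row lengths. Reject the short table right after the loop with `if (l < _numrows) { return false; }`, or value-initialise the array with `new quint32[_numrows]()` so the tail is at least zero. readImage starts and ends outside the hunk, so how `_lengthtab` is released on the early return is not visible here.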