diff --git a/daemon/crypto.c b/daemon/crypto.c
index ef9a7dade..c4503fe46 100644
--- a/daemon/crypto.c
+++ b/daemon/crypto.c
@@ -585,6 +585,9 @@ static int aes_gcm_decrypt_rtp(struct crypto_context *c, struct rtp_header *r, s
 	unsigned char iv[12];
 	int len, plaintext_len;
 
+	if (s->len < 16)
+		return -1;
+
 	memcpy(iv, c->session_salt, 12);
 
 	*(u_int32_t*)(iv+2) ^= r->ssrc;
diff --git a/kernel-module/xt_RTPENGINE.c b/kernel-module/xt_RTPENGINE.c
index 55557b02f..fdb759f72 100644
--- a/kernel-module/xt_RTPENGINE.c
+++ b/kernel-module/xt_RTPENGINE.c
@@ -3908,8 +3908,6 @@ static int srtp_encrypt_aes_gcm(struct re_crypto_context *c,
 
 	if (s->session_salt_len != 12)
 		return -EINVAL;
-	if (r->payload_len < 16)
-		return -EINVAL;
 
 	memcpy(iv, c->session_salt, 12);