diff --git a/epan/dissectors/packet-mmse.c.old b/epan/dissectors/packet-mmse.c
index aacebaf..2a74836 100644
--- a/epan/dissectors/packet-mmse.c.old
+++ b/epan/dissectors/packet-mmse.c
@@ -494,6 +494,12 @@ get_value_length(tvbuff_t *tvb, guint offset, guint *byte_count)
 field = tvb_get_guintvar(tvb, offset, byte_count);
 (*byte_count)++;
 }
+
+ /* The packet says there are this many bytes; ensure they're there.
+ * We do this here because several callers do math on the length we
+ * return here and may not catch an overflow.
+ */
+ tvb_ensure_bytes_exist(tvb, offset, field);
 return field;
 }
@@ -699,7 +705,7 @@ static void
 dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
 const char *message_type)
 {
- guint offset;
+ guint offset, old_offset;
 guint8 field = 0;
 const char *strval;
 guint length;
@@ -734,6 +740,7 @@ dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
 }
 offset = 2; /* Skip Message-Type */
+ old_offset = 1;
 /*
 * Cycle through MMS-headers
@@ -1293,6 +1300,11 @@ dissect_mmse(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint8 pdut,
 break;
 }
 DebugLog(("\tEnd(case)\n"));
+
+ if (offset <= old_offset) {
+ REPORT_DISSECTOR_BUG("Offset isn't increasing");
+ }
+ old_offset = offset;
 }
 DebugLog(("\tEnd(switch)\n"));
 if (field == MM_CTYPE_HDR) {
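Review bot: The new `tvb_ensure_bytes_exist(tvb, offset, field)` verifies that `field` bytes exist starting at `offset`, but the value whose length this function returns appears to begin `*byte_count` bytes later (the `(*byte_count)++` just above counts the length octets themselves), so if `offset` here still points at the length field the guard is short by `*byte_count` bytes and a caller that reads `field` bytes from `offset + *byte_count` can still run past the end of the buffer by that much. Consider `tvb_ensure_bytes_exist(tvb, offset + *byte_count, field);` so the check covers exactly the bytes the callers will read. The beginning of get_value_length, where `offset` may already have been advanced past the first length octet, is outside the hunk, so confirm which offset is in hand at this point before changing it. In either form the check turns an oversized length into a bounds exception before any caller does arithmetic on it, which is the right place for it.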
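Review bot: The guard `if (offset <= old_offset)` reports a non-increasing `offset` through `REPORT_DISSECTOR_BUG`, which classifies the condition as a bug in the dissector rather than as malformed input; if any header case can leave `offset` unchanged on a malformed PDU (the cases and the loop header are outside the hunk, so I cannot tell), such a packet would be surfaced as a Wireshark bug instead of a malformed-packet indication. The guard is still the right backstop against a loop that never terminates, so it deserves a comment saying why it exists: `/* Every header case must advance offset; a stalled or wrapped offset would otherwise loop forever. */`. Note also that the earlier hunk initialises `old_offset = 1` while `offset` starts at 2, so the first iteration is checked with one byte of slack compared with later ones unless the loop header itself consumes a byte; `old_offset = offset;` immediately before the loop would make every iteration check the same way. dissect_mmse continues outside the hunk.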