diff --git a/src/decompress.cpp b/src/decompress.cpp
index ba996bf..b99a22a 100644
--- a/src/decompress.cpp
+++ b/src/decompress.cpp
@@ -54,11 +54,9 @@ auto decompress(std::span<const std::byte> src, std::span<std::byte> dst)
       if (len != static_cast<std::uint16_t>(~nlen)) {
         return DecompressStatus::NoCompressionLenMismatch;
       }
-      // TODO: should we return an error instead of assert?
-      assert(
-          std::cmp_greater_equal(
-              src_bits.size(), std::size_t{len} * CHAR_BIT) and
-          "not enough bits in src");
+      if (src_bits.size() < std::size_t{len} * std::size_t{CHAR_BIT}) {
+        return DecompressStatus::SrcTooSmall;
+      }
 
       if (dst.size() < len) {
         return DecompressStatus::DstTooSmall;
diff --git a/src/decompress.hpp b/src/decompress.hpp
index e13b57a..07f88f4 100644
--- a/src/decompress.hpp
+++ b/src/decompress.hpp
@@ -17,6 +17,7 @@ enum class DecompressStatus : std::uint8_t
   InvalidBlockHeader,
   NoCompressionLenMismatch,
   DstTooSmall,
+  SrcTooSmall,
 };
 
 namespace detail {
diff --git a/src/test/decompress_test.cpp b/src/test/decompress_test.cpp
index 75377ea..26cf9dc 100644
--- a/src/test/decompress_test.cpp
+++ b/src/test/decompress_test.cpp
@@ -115,10 +115,13 @@ auto main(int, char* argv[]) -> int
 
     std::array<std::byte, expected.size()> dst_array{};
     std::span<std::byte> dst_too_small{dst_array.data(), dst_array.size() - 1};
-    const auto status_too_small = decompress(src, dst_too_small);
-    expect(status_too_small == DecompressStatus::DstTooSmall);
+    const auto status_dst_too_small = decompress(src, dst_too_small);
+    expect(status_dst_too_small == DecompressStatus::DstTooSmall);
 
     std::span<std::byte> dst{dst_array};
+    const auto status_src_too_small = decompress(src.subspan(0, 5), dst);
+    expect(status_src_too_small == DecompressStatus::SrcTooSmall);
+
     const auto status = decompress(src, dst);
     expect(status == DecompressStatus::Success);
     expect(std::ranges::equal(dst, expected));