diff --git a/src/box/xrow.c b/src/box/xrow.c
index 49e0863d30cb2f97e451956d1d12c49d3f30592d..397e236866c757d683a47ae7bc936248d1285fc2 100644
--- a/src/box/xrow.c
+++ b/src/box/xrow.c
@@ -1461,6 +1461,8 @@ xrow_decode_raft(const struct xrow_header *row, struct raft_request *r,
 	memset(r, 0, sizeof(*r));
 
 	const char *pos = row->body[0].iov_base;
+	if (mp_typeof(*pos) != MP_MAP)
+		goto bad_msgpack;
 	uint32_t map_size = mp_decode_map(&pos);
 	for (uint32_t i = 0; i < map_size; ++i)
 	{
diff --git a/test/fuzz/xrow_decode_raft_fuzzer.c b/test/fuzz/xrow_decode_raft_fuzzer.c
index 554abb8dbbf92ff0fed9b99dee6a95e813587c19..3eac775ecd962cef8588ddeee845274133c4ff69 100644
--- a/test/fuzz/xrow_decode_raft_fuzzer.c
+++ b/test/fuzz/xrow_decode_raft_fuzzer.c
@@ -37,6 +37,8 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 	struct xrow_header row = {0};
 	row.body[0] = body;
 	row.bodycnt = 1;
+	row.type = IPROTO_RAFT;
+	row.group_id = GROUP_LOCAL;
 
 	struct raft_request request = {0};
 	struct vclock vclock = {0};