diff --git a/fuzz/fuzz_targets/client_initial.rs b/fuzz/fuzz_targets/client_initial.rs
index 9689b70628..e191f3513d 100644
--- a/fuzz/fuzz_targets/client_initial.rs
+++ b/fuzz/fuzz_targets/client_initial.rs
@@ -15,7 +15,9 @@ fuzz_target!(|data: &[u8]| {
 
     let mut client = default_client();
     let ci = client.process(None, now()).dgram().expect("a datagram");
-    let (header, d_cid, s_cid, payload) = decode_initial_header(&ci, Role::Client);
+    let Some((header, d_cid, s_cid, payload)) = decode_initial_header(&ci, Role::Client) else {
+        return;
+    };
     let (aead, hp) = initial_aead_and_hp(d_cid, Role::Client);
     let (_, pn) = remove_header_protection(&hp, header, payload);
 
diff --git a/fuzz/fuzz_targets/server_initial.rs b/fuzz/fuzz_targets/server_initial.rs
index 513a7eaad5..e813406c09 100644
--- a/fuzz/fuzz_targets/server_initial.rs
+++ b/fuzz/fuzz_targets/server_initial.rs
@@ -21,7 +21,9 @@ fuzz_target!(|data: &[u8]| {
         .dgram()
         .expect("a datagram");
 
-    let (header, d_cid, s_cid, payload) = decode_initial_header(&si, Role::Server);
+    let Some((header, d_cid, s_cid, payload)) = decode_initial_header(&si, Role::Server) else {
+        return;
+    };
     let (aead, hp) = initial_aead_and_hp(d_cid, Role::Server);
     let (_, pn) = remove_header_protection(&hp, header, payload);
 
diff --git a/fuzz/src/lib.rs b/fuzz/src/lib.rs
index 7cb939cc23..654fbddc7c 100644
--- a/fuzz/src/lib.rs
+++ b/fuzz/src/lib.rs
@@ -25,13 +25,22 @@ use neqo_crypto::{
 // Any token is thrown away.
 #[must_use]
 #[allow(clippy::missing_panics_doc)]
-pub fn decode_initial_header(dgram: &Datagram, role: Role) -> (&[u8], &[u8], &[u8], &[u8]) {
+#[allow(clippy::type_complexity)]
+pub fn decode_initial_header(dgram: &Datagram, role: Role) -> Option<(&[u8], &[u8], &[u8], &[u8])> {
     let mut dec = Decoder::new(&dgram[..]);
     let type_and_ver = dec.decode(5).unwrap().to_vec();
     // The client sets the QUIC bit, the server might not.
     match role {
-        Role::Client => assert_eq!(type_and_ver[0] & 0xf0, 0xc0),
-        Role::Server => assert_eq!(type_and_ver[0] & 0xb0, 0x80),
+        Role::Client => {
+            if type_and_ver[0] & 0xf0 != 0xc0 {
+                return None;
+            }
+        }
+        Role::Server => {
+            if type_and_ver[0] & 0xb0 != 0x80 {
+                return None;
+            }
+        }
     }
     let dest_cid = dec.decode_vec(1).unwrap();
     let src_cid = dec.decode_vec(1).unwrap();
@@ -40,12 +49,12 @@ pub fn decode_initial_header(dgram: &Datagram, role: Role) -> (&[u8], &[u8], &[u
     // Need to read of the length separately so that we can find the packet number.
     let payload_len = usize::try_from(dec.decode_varint().unwrap()).unwrap();
     let pn_offset = dgram.len() - dec.remaining();
-    (
+    Some((
         &dgram[..pn_offset],
         dest_cid,
         src_cid,
         dec.decode(payload_len).unwrap(),
-    )
+    ))
 }
 
 /// Generate an AEAD and header protection object for a client Initial.