diff -rupN --no-dereference Pillow-5.4.1/src/PIL/FpxImagePlugin.py Pillow-5.4.1-new/src/PIL/FpxImagePlugin.py
--- Pillow-5.4.1/src/PIL/FpxImagePlugin.py	2019-01-06 13:12:16.000000000 +0100
+++ Pillow-5.4.1-new/src/PIL/FpxImagePlugin.py	2020-02-13 14:44:21.750013854 +0100
@@ -101,7 +101,10 @@ class FpxImageFile(ImageFile.ImageFile):
         s = prop[0x2000002 | id]
 
         colors = []
-        for i in range(i32(s, 4)):
+        bands = i32(s, 4)
+        if bands > 4:
+            raise IOError("Invalid number of bands")
+        for i in range(bands):
             # note: for now, we ignore the "uncalibrated" flag
             colors.append(i32(s, 8+i*4) & 0x7fffffff)
 
diff -rupN --no-dereference Pillow-5.4.1/Tests/test_file_fpx.py Pillow-5.4.1-new/Tests/test_file_fpx.py
--- Pillow-5.4.1/Tests/test_file_fpx.py	2019-01-06 13:12:16.000000000 +0100
+++ Pillow-5.4.1-new/Tests/test_file_fpx.py	2020-02-13 14:44:21.750013854 +0100
@@ -22,6 +22,10 @@ class TestFileFpx(PillowTestCase):
         self.assertRaises(SyntaxError,
                           FpxImagePlugin.FpxImageFile, ole_file)
 
+    def test_fpx_invalid_number_of_bands(self):
+        with self.assertRaisesRegex(IOError, "Invalid number of bands"):
+            Image.open("Tests/images/input_bw_five_bands.fpx")
+
 
 if __name__ == '__main__':
     unittest.main()