diff --git a/format/mp4/mp4io/mp4io.go b/format/mp4/mp4io/mp4io.go
index dfa99d5..ce410d1 100644
--- a/format/mp4/mp4io/mp4io.go
+++ b/format/mp4/mp4io/mp4io.go
@@ -387,6 +387,10 @@ func ReadFileAtoms(r io.ReadSeeker) (atoms []Atom, err error) {
 			return
 		}
 		size := pio.U32BE(taghdr[0:])
+		if size > 5242880 {
+			err = parseErr("len", 5242880, err)
+			return 
+		}
 		tag := Tag(pio.U32BE(taghdr[4:]))
 
 		var atom Atom