From eaab841cfbad405969118cabf2b34272804353d7 Mon Sep 17 00:00:00 2001
From: Andrey Semochkin <admin@wetel.ru>
Date: Mon, 20 Nov 2023 10:00:15 +0300
Subject: [PATCH] Update mp4io.go

---
 format/mp4/mp4io/mp4io.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/format/mp4/mp4io/mp4io.go b/format/mp4/mp4io/mp4io.go
index dfa99d5..ce410d1 100644
--- a/format/mp4/mp4io/mp4io.go
+++ b/format/mp4/mp4io/mp4io.go
@@ -387,6 +387,10 @@ func ReadFileAtoms(r io.ReadSeeker) (atoms []Atom, err error) {
 			return
 		}
 		size := pio.U32BE(taghdr[0:])
+		if size > 5242880 {
+			err = parseErr("len", 5242880, err)
+			return 
+		}
 		tag := Tag(pio.U32BE(taghdr[4:]))
 
 		var atom Atom