diff --git a/libavformat/mov.c b/libavformat/mov.c
index 68c81dede4d927a36e396788da267da08b7ea7f5..c9de693df0b6a6517d765b4f8ccb47b54c4acb18 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -1060,6 +1060,9 @@ static int mov_read_udta(MOVContext *c, ByteIOContext *pb, MOV_atom_t atom)
         uint32_t tag      = get_le32(pb);
         uint64_t next     = url_ftell(pb) + tag_size - 8;
 
+        if (next > end) // stop if tag_size is wrong
+            break;
+
         switch (tag) {
         case MKTAG(0xa9,'n','a','m'):
             mov_parse_udta_string(pb, c->fc->title,     sizeof(c->fc->title));