diff --git a/libavformat/rtspdec.c b/libavformat/rtspdec.c
index e0bdf9d4ac..4f970d4c89 100644
--- a/libavformat/rtspdec.c
+++ b/libavformat/rtspdec.c
@@ -191,7 +191,7 @@ static int rtsp_read_announce(AVFormatContext *s)
         rtsp_send_reply(s, RTSP_STATUS_SERVICE, NULL, request.seq);
         return AVERROR_OPTION_NOT_FOUND;
     }
-    if (request.content_length > 0) {
+    if (request.content_length > 0 && request.content_length <= SDP_MAX_SIZE) {
         sdp = av_malloc(request.content_length + 1);
         if (!sdp)
             return AVERROR(ENOMEM);