diff --git a/services/services/sa_media/ipc/recorder_profiles_parcel.cpp b/services/services/sa_media/ipc/recorder_profiles_parcel.cpp
index 10a8801711ad4cad1f71a5ab8cbdb784e9c7ccb4..5f999d277354beb977b4d870af3bf7b9ba250344 100644
--- a/services/services/sa_media/ipc/recorder_profiles_parcel.cpp
+++ b/services/services/sa_media/ipc/recorder_profiles_parcel.cpp
@@ -144,6 +144,11 @@ bool RecorderProfilesParcel::Unmarshalling(
     MessageParcel &parcel, std::vector<RecorderProfilesData> &profileCapabilityDataArray)
 {
     uint32_t size = parcel.ReadUint32();
+    const int MAX_PARCEL_SIZE = 1000;
+    if (size > MAX_PARCEL_SIZE) {
+        MEDIA_LOGE("failed to Unmarshalling profileCapabilityDataArray, array is too large");
+        return false;
+    }
     for (uint32_t index = 0; index < size; index++) {
         RecorderProfilesData profileCapabilityData;
         UnmarshallingRecorderProfilesData(parcel, profileCapabilityData);