diff --git a/libavformat/id3v2.c b/libavformat/id3v2.c
index 4d44c3c269..7797cca091 100644
--- a/libavformat/id3v2.c
+++ b/libavformat/id3v2.c
@@ -456,8 +456,22 @@ static void ff_id3v2_parse(AVFormatContext *s, int len, uint8_t version, uint8_t
 unsync = flags & 0x80;
- if (isv34 && flags & 0x40) /* Extended header present, just skip over it */
- avio_skip(s->pb, get_size(s->pb, 4));
+ /* Extended header present, just skip over it */
+ if (isv34 && flags & 0x40) {
+ int size = get_size(s->pb, 4);
+ if (size < 6) {
+ reason = "extended header too short.";
+ goto error;
+ }
+ len -= size;
+ if (len < 0) {
+ reason = "extended header too long.";
+ goto error;
+ }
+ /* already seeked past size, skip the reset */
+ size -= 4;
+ avio_skip(s->pb, size);
+ }
 while (len >= taghdrlen) {
 unsigned int tflags = 0;
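Review bot: The new bounds check interprets the extended-header size field identically for every `isv34` tag, but if `isv34` covers ID3v2.3 as well as v2.4 the two formats disagree: in v2.4 the field is the synchsafe size of the whole extended header, while in v2.3 it is a plain 32-bit value that excludes its own four bytes. For a v2.3 tag, `size -= 4; avio_skip(s->pb, size);` would then stop four bytes short and `len -= size` would leave `len` four bytes too large, so the frame loop would start parsing inside the extended header of a crafted or merely valid v2.3 file. Consider branching on the `version` parameter, e.g. `int skip = version == 4 ? size - 4 : size;`, then `len -= skip + 4;` and `avio_skip(s->pb, skip);`, keeping the `len < 0` check after the subtraction. The comment `skip the reset` should read `skip the rest`. ff_id3v2_parse begins and ends outside this hunk, so the `error` label and how `reason` is reported are not visible here.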