diff --git a/snapshot/BUILD.gn b/snapshot/BUILD.gn
index ea2412a0..b3315982 100644
--- a/snapshot/BUILD.gn
+++ b/snapshot/BUILD.gn
@@ -492,6 +492,7 @@ bundle_data("snapshot_test_ios_data") {
 sources = [
 "ios/testdata/crash-1fa088dda0adb41459d063078a0f384a0bb8eefa",
 "ios/testdata/crash-5726011582644224",
+ "ios/testdata/crash-6605504629637120",
 ]
 outputs = [
 "{{bundle_resources_dir}}/crashpad_test_data/" +
diff --git a/snapshot/ios/process_snapshot_ios_intermediate_dump_test.cc b/snapshot/ios/process_snapshot_ios_intermediate_dump_test.cc
index 44a7b775..1a994bdb 100644
--- a/snapshot/ios/process_snapshot_ios_intermediate_dump_test.cc
+++ b/snapshot/ios/process_snapshot_ios_intermediate_dump_test.cc
@@ -679,6 +679,11 @@ TEST_F(ProcessSnapshotIOSIntermediateDumpTest, FuzzTestCases) {
 map = process_snapshot2.AnnotationsSimpleMap();
 ASSERT_TRUE(map.find("crashpad_intermediate_dump_incomplete") != map.end());
 EXPECT_EQ(map["crashpad_intermediate_dump_incomplete"], "yes");
+
+ fuzz_path = TestPaths::TestDataRoot().Append(
+ FILE_PATH_LITERAL("snapshot/ios/testdata/crash-6605504629637120"));
+ crashpad::internal::ProcessSnapshotIOSIntermediateDump process_snapshot3;
+ EXPECT_FALSE(process_snapshot3.InitializeWithFilePath(fuzz_path, {}));
 }
 
 } // namespace
diff --git a/snapshot/ios/testdata/crash-6605504629637120 b/snapshot/ios/testdata/crash-6605504629637120
new file mode 100644
index 00000000..1e041d90
Binary files /dev/null and b/snapshot/ios/testdata/crash-6605504629637120 differ
diff --git a/util/ios/ios_intermediate_dump_reader.cc b/util/ios/ios_intermediate_dump_reader.cc
index 022133bc..d9610f65 100644
--- a/util/ios/ios_intermediate_dump_reader.cc
+++ b/util/ios/ios_intermediate_dump_reader.cc
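Review bot: The new case at the end of FuzzTestCases only asserts that InitializeWithFilePath fails, with no comment saying what about crash-6605504629637120 should make it fail, whereas the preceding case pins a specific annotation value. A one-line comment above the `fuzz_path =` assignment, e.g. `// Malformed dump that must be rejected cleanly rather than exhaust the reader; see the depth limit in IOSIntermediateDumpReader::Parse.`, would tell the next maintainer which regression this fixture guards. If the reader change in this commit is what makes the file fail, saying so here ties the fixture to the fix so the case is not silently kept green by an unrelated parse error. FuzzTestCases begins before the hunk.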
@@ -70,6 +70,12 @@ bool IOSIntermediateDumpReader::Parse(FileReaderInterface* reader,
 }
 
 while (reader->ReadExactly(&command, sizeof(Command))) {
+ constexpr int kMaxStackDepth = 10;
+ if (stack.size() > kMaxStackDepth) {
+ LOG(ERROR) << "Unexpected depth of intermediate dump data.";
+ return false;
+ }
+
 IOSIntermediateDumpObject* parent = stack.top();
 switch (command) {
 case Command::kMapStart: {
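Review bot: `stack.size() > kMaxStackDepth` compares a `size_t` against a `constexpr int`, a signed/unsigned comparison that `-Wsign-compare` flags; declaring the bound as `constexpr size_t kMaxStackDepth = 10;` avoids it. The constant is also declared inside the read loop; hoisting it to file scope with a comment such as `// Upper bound on container nesting so that a malformed or hostile dump cannot grow the parse stack without limit.` would document why the limit exists and what value was chosen. Because the check runs before the command is handled and the push presumably happens inside the kMapStart/array cases, the stack can reach kMaxStackDepth + 1 entries before the next iteration rejects the input; if 10 is meant as the hard cap, `>=` matches the constant's name better. Parse() begins before the hunk and continues past it.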