2 files changed, 3 insertions, 2 deletions

diff --git a/fxjs/fxjs_v8.cpp b/fxjs/fxjs_v8.cpp
index b0e1a1b260..5f9426b643 100644
--- a/fxjs/fxjs_v8.cpp
+++ b/fxjs/fxjs_v8.cpp
@@ -144,11 +144,11 @@ static v8::Local<v8::ObjectTemplate> GetGlobalObjectTemplate(
 }
 
 void* FXJS_ArrayBufferAllocator::Allocate(size_t length) {
-  return calloc(1, length);
+  return length <= kMaxAllowedBytes ? calloc(1, length) : nullptr;
 }
 
 void* FXJS_ArrayBufferAllocator::AllocateUninitialized(size_t length) {
-  return malloc(length);
+  return length < kMaxAllowedBytes ? malloc(length) : nullptr;
 }
 
 void FXJS_ArrayBufferAllocator::Free(void* data, size_t length) {
diff --git a/fxjs/fxjs_v8.h b/fxjs/fxjs_v8.h
index 50b0b2c6d0..bdcf425f53 100644
--- a/fxjs/fxjs_v8.h
+++ b/fxjs/fxjs_v8.h
@@ -111,6 +111,7 @@ class FXJS_PerIsolateData {
 };
 
 class FXJS_ArrayBufferAllocator : public v8::ArrayBuffer::Allocator {
+  static const size_t kMaxAllowedBytes = 0x10000000;
   void* Allocate(size_t length) override;
   void* AllocateUninitialized(size_t length) override;
   void Free(void* data, size_t length) override;