diff --git a/services/distributeddataservice/libs/distributeddb/common/src/schema_negotiate.cpp b/services/distributeddataservice/libs/distributeddb/common/src/schema_negotiate.cpp
index 3bd78a2e4d8f2fa4eab13f49e065b4ed0da4f17b..c6b147c6be60f0fd320c2645b74c97819d20867d 100644
--- a/services/distributeddataservice/libs/distributeddb/common/src/schema_negotiate.cpp
+++ b/services/distributeddataservice/libs/distributeddb/common/src/schema_negotiate.cpp
@@ -225,6 +225,10 @@ int SchemaNegotiate::DeserializeData(Parcel &parcel, RelationalSyncOpinion &opin
     uint32_t opinionSize;
     (void)parcel.ReadUInt32(opinionSize);
     (void)parcel.EightByteAlign();
+    static const uint32_t MAX_OPINION_SIZE = 1024; // max 1024 opinions
+    if (parcel.IsError() || opinionSize > MAX_OPINION_SIZE) {
+        return -E_INVALID_ARGS;
+    }
     for (uint32_t i = 0; i < opinionSize; i++) {
         std::string tableName;
         SyncOpinion tableOpinion;