diff --git a/json_pointer.c b/json_pointer.c
index 6e5609d..5a3a7ef 100644
--- a/json_pointer.c
+++ b/json_pointer.c
@@ -79,6 +79,16 @@ static int is_valid_index(const char *path, size_t *idx)
 // but ULLONG_MAX will be longer than any array length so that's ok.
 *idx = strtoull(path, NULL, 10);
+ // Check against a maximum to prevent excessive memory allocations.
+ // An extremely large index, even if it doesn't overflow size_t,
+ // will cause a huge memory allocation request via realloc,
+ // leading to an OOM.
+ if (*idx > JSON_C_POINTER_MAX_ARRAY_IDX)
+ {
+ errno = EINVAL;
+ return 0;
+ }
+
+ return 1;
 }
diff --git a/json_pointer.h b/json_pointer.h
index dfe1185..a44a0f9 100644
--- a/json_pointer.h
+++ b/json_pointer.h
@@ -20,6 +20,14 @@ extern "C" {
 #endif
+/**
+ * Maximum array index for JSON Pointer, preventing excessive memory allocations.
+ * The default value is 10,000,000.
+ */
+#ifndef JSON_C_POINTER_MAX_ARRAY_IDX
+#define JSON_C_POINTER_MAX_ARRAY_IDX 10000000
+#endif
+
 /**
  * Retrieves a JSON sub-object from inside another JSON object
  * using the JSON pointer notation as defined in RFC 6901
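Review bot: The new bound in is_valid_index is compared only after the strtoull result has been narrowed into the size_t `*idx`, so on a target where size_t is narrower than unsigned long long a digit string above SIZE_MAX wraps before the comparison, and a wrapped value below JSON_C_POINTER_MAX_ARRAY_IDX is accepted as a different, small index instead of being rejected. Keeping the comparison on the wide type avoids that: `unsigned long long v = strtoull(path, NULL, 10);`, `if (v > JSON_C_POINTER_MAX_ARRAY_IDX) { errno = EINVAL; return 0; }`, `*idx = (size_t)v;`. The branch also overwrites the ERANGE that strtoull sets on overflow with EINVAL, which is presumably intended to match the function's other failure paths but is worth a word in the new comment block, e.g. `// Rejected indexes (including strtoull overflow) report EINVAL.`. is_valid_index begins before this hunk, so whether an earlier length check already excludes such inputs cannot be confirmed from here.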