--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -129,6 +129,10 @@ static void add_param_to_argv(char *pars
 	 * longer a real hacker, but I can live with that */
 
 	for (curchar = parsestart; *curchar; curchar++) {
+		if (param_len >= sizeof(param_buffer))
+			xtables_error(PARAMETER_PROBLEM,
+			"Parameter too long!");
+
 		if (quote_open) {
 			if (escaped) {
 				param_buffer[param_len++] = *curchar;