diff --git a/CHANGES b/CHANGES
index 44205c7a1e..227331469b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+3795.	[bug]		Make named-checkconf detect raw masterfiles for
+			hint zones and reject them. [RT #35268]
+
 3794.	[maint]		Added AAAA for C.ROOT-SERVERS.NET.
 
 3793.	[bug]		zone.c:save_nsec3param() could assert when out of
diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c
index fd3795a57f..5b3278eb2d 100644
--- a/bin/check/named-checkconf.c
+++ b/bin/check/named-checkconf.c
@@ -142,18 +142,6 @@ get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) {
 	}
 }
 
-static isc_result_t
-config_get(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
-	int i;
-
-	for (i = 0;; i++) {
-		if (maps[i] == NULL)
-			return (ISC_R_NOTFOUND);
-		if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
-			return (ISC_R_SUCCESS);
-	}
-}
-
 static isc_result_t
 configure_hint(const char *zfile, const char *zclass, isc_mem_t *mctx) {
 	isc_result_t result;
@@ -366,8 +354,7 @@ configure_zone(const char *vclass, const char *view,
 
 	masterformat = dns_masterformat_text;
 	fmtobj = NULL;
-	result = config_get(maps, "masterfile-format", &fmtobj);
-	if (result == ISC_R_SUCCESS) {
+	if (get_maps(maps, "masterfile-format", &fmtobj)) {
 		const char *masterformatstr = cfg_obj_asstring(fmtobj);
 		if (strcasecmp(masterformatstr, "text") == 0)
 			masterformat = dns_masterformat_text;
diff --git a/bin/tests/system/checkconf/bad-hint.conf b/bin/tests/system/checkconf/bad-hint.conf
new file mode 100644
index 0000000000..eef12f1ba4
--- /dev/null
+++ b/bin/tests/system/checkconf/bad-hint.conf
@@ -0,0 +1,5 @@
+zone "." {
+	type hint;
+	masterfile-format raw;
+	file "hint";
+};
diff --git a/lib/bind9/check.c b/lib/bind9/check.c
index db4a4099a9..93fc0d6281 100644
--- a/lib/bind9/check.c
+++ b/lib/bind9/check.c
@@ -1367,7 +1367,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions,
 	{ "integrity-check", MASTERZONE },
 	{ "check-mx-cname", MASTERZONE },
 	{ "check-srv-cname", MASTERZONE },
-	{ "masterfile-format", MASTERZONE | SLAVEZONE | STUBZONE | HINTZONE |
+	{ "masterfile-format", MASTERZONE | SLAVEZONE | STUBZONE |
 	  REDIRECTZONE },
 	{ "update-check-ksk", MASTERZONE | SLAVEZONE },
 	{ "dnssec-dnskey-kskonly", MASTERZONE | SLAVEZONE },