diff --git a/CHANGES b/CHANGES
index 5ab51ac4d4..0f3f485954 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+3251.	[bug]		Enforce a upper bound (65535 bytes) on the amount of
+			memory dns_sdlz_putrr() can allocate per record to
+			prevent run away memory consumption on ISC_R_NOSPACE.
+			[RT #26956]
+
 3250.	[func]		'configure --enable-developer'; turn on various
 			configure options, normally off by default, that
 			we want developers to build and test with. [RT #27103]
diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c
index e1625d8428..358dce8640 100644
--- a/lib/dns/sdlz.c
+++ b/lib/dns/sdlz.c
@@ -50,7 +50,7 @@
  * USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: sdlz.c,v 1.31.8.2 2011/03/21 19:53:34 each Exp $ */
+/* $Id: sdlz.c,v 1.31.8.3 2011/12/22 07:16:32 marka Exp $ */
 
 /*! \file */
 
@@ -1836,7 +1836,11 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl,
 					    &lookup->callbacks);
 		if (result != ISC_R_SUCCESS)
 			isc_buffer_free(&rdatabuf);
+		if (size >= 65535)
+			break;
 		size *= 2;
+		if (size >= 65535)
+			size = 65535;
 	} while (result == ISC_R_NOSPACE);
 
 	if (result != ISC_R_SUCCESS)