diff --git a/CHANGES b/CHANGES
index 127c7dfa86..aa9fc86af4 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+3251.	[bug]		Enforce a upper bound (65535 bytes) on the amount of
+			memory dns_sdlz_putrr() can allocate per record to
+			prevent run away memory consumption on ISC_R_NOSPACE.
+			[RT #26956]
+
 3250.	[func]		'configure --enable-developer'; turn on various
 			configure options, normally off by default, that
 			we want developers to build and test with. [RT #27103]
diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c
index 0bb1e0e9fb..12b734ef1f 100644
--- a/lib/dns/sdlz.c
+++ b/lib/dns/sdlz.c
@@ -50,7 +50,7 @@
  * USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: sdlz.c,v 1.34 2011/10/11 00:09:03 each Exp $ */
+/* $Id: sdlz.c,v 1.35 2011/12/22 07:15:05 marka Exp $ */
 
 /*! \file */
 
@@ -1860,7 +1860,11 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl,
 					    &lookup->callbacks);
 		if (result != ISC_R_SUCCESS)
 			isc_buffer_free(&rdatabuf);
+		if (size >= 65535)
+			break;
 		size *= 2;
+		if (size >= 65535)
+			size = 65535;
 	} while (result == ISC_R_NOSPACE);
 
 	if (result != ISC_R_SUCCESS)