diff --git a/src/buffer.c b/src/buffer.c
index 5f5dfb50..54c17ded 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -52,6 +52,9 @@ struct ssh_buffer_struct {
 uint8_t *data;
 };
 
+/* Buffer size maximum is 256M */
+#define BUFFER_SIZE_MAX 0x10000000
+
 /**
 * @defgroup libssh_buffer The SSH buffer functions.
 * @ingroup libssh
@@ -191,6 +194,10 @@ static int realloc_buffer(struct ssh_buffer_struct *buffer, size_t needed)
 }
 needed = smallest;
 
+ if (needed > BUFFER_SIZE_MAX) {
+ return -1;
+ }
+
 if (buffer->secure) {
 new = malloc(needed);
 if (new == NULL) {
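Review bot: The new `needed > BUFFER_SIZE_MAX` check in realloc_buffer() runs only after `needed = smallest`, so it caps the allocation size but cannot detect a `needed` that already wrapped around in a caller, for example a `used + len` sum computed in size_t. The callers are not visible in this diff, so each one should be confirmed to reject an overflowing length before it calls realloc_buffer(). The -1 returned here also looks indistinguishable from the allocation-failure path that follows, which is worth recording in a comment such as `/* Refuse to grow past BUFFER_SIZE_MAX; callers see this like an allocation failure */`. The function body starts and ends outside the hunk.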