--- /dev/null
+--- a/iptables/iptables-restore.c
++++ b/iptables/iptables-restore.c
+@@ -129,6 +129,10 @@ static void add_param_to_argv(char *pars
+ * longer a real hacker, but I can live with that */
+
+ for (curchar = parsestart; *curchar; curchar++) {
++ if (param_len >= sizeof(param_buffer))
++ xtables_error(PARAMETER_PROBLEM,
++ "Parameter too long!");
++
+ if (quote_open) {
+ if (escaped) {
+ param_buffer[param_len++] = *curchar;