diff --git a/sys/dev/firewire/sbp.c b/sys/dev/firewire/sbp.c
index bc0b59fe2fd..8953be7e11f 100644
--- a/sys/dev/firewire/sbp.c
+++ b/sys/dev/firewire/sbp.c
@@ -2367,6 +2367,11 @@ END_DEBUG
 			xpt_done(ccb);
 			return;
 		}
+		if (csio->cdb_len > sizeof(ocb->orb) - 5 * sizeof(uint32_t)) {
+			ccb->ccb_h.status = CAM_REQ_INVALID;
+			xpt_done(ccb);
+			return;
+		}
 #if 0
 		/* if we are in probe stage, pass only probe commands */
 		if (sdev->status == SBP_DEV_PROBE) {