diff --git a/CHANGELOG b/CHANGELOG
index 4b5a14b..e42bf42 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -48,6 +48,7 @@
 - expand export access checks to include missing syntax options.
 - make "-hosts" module try to be sensitive to exports list changes.
 - change mount "device" from "automount" to the map name.
+- check for buffer overflow in mount_afs.c.
 1/9/2006 autofs-5.0.1 rc2
 -------------------------
diff --git a/modules/mount_afs.c b/modules/mount_afs.c
index 252302e..3b4261a 100644
--- a/modules/mount_afs.c
+++ b/modules/mount_afs.c
@@ -30,11 +30,18 @@ int mount_init(void **context)
 int mount_mount(struct autofs_point *ap, const char *root, const char *name, int name_len, const char *what, const char *fstype, const char *options, void *context)
 {
- char dest[PATH_MAX * 2];
-
- strcpy(dest, root); /* Convert the name to a mount point. */
- strncat(dest, "/", sizeof(dest));
- strncat(dest, name, sizeof(dest));
+ /* PATH_MAX is allegedly longest path allowed */
+ char dest[PATH_MAX + 1];
+ size_t r_len = strlen(root);
+ size_t d_len = r_len + name_len + 2;
+
+ if (d_len > PATH_MAX)
+ return 1;
+
+ /* Convert the name to a mount point. */
+ strcpy(dest, root);
+ strcat(dest, "/");
+ strcat(dest, name);
 /* remove trailing slash (http://bugs.debian.org/141775) */
 if (dest[strlen(dest)-1] == '/')
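Review bot: The new length check in mount_mount is computed from `name_len`, but the copy a few lines later is `strcat(dest, name)`, which stops at the terminator rather than at `name_len`, so the bound only holds if every caller passes `name_len == strlen(name)` (not visible in this hunk). `name_len` is also a signed `int` added to a `size_t`; a negative value wraps and can leave `d_len` small enough to pass the check. I would reject negatives in the guard, `if (name_len < 0 || d_len > PATH_MAX)`, and bound the copy with `strncat(dest, name, name_len);` so the check and the copy measure the same thing. The body of mount_mount continues past the end of the hunk.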