diff --git a/sbin/sysctl/sysctl.c b/sbin/sysctl/sysctl.c
--- a/sbin/sysctl/sysctl.c
+++ b/sbin/sysctl/sysctl.c
@@ -1030,7 +1030,8 @@
 	}
 
 	/* keep track of encountered skip nodes, ignoring descendants */
-	if (skip_len == 0 && (kind & CTLFLAG_SKIP) != 0) {
+	if ((skip_len == 0 || skip_len >= nlen * (int)sizeof(int)) &&
+	    (kind & CTLFLAG_SKIP) != 0) {
 		/* Save this oid so we can skip descendants. */
 		skip_len = nlen * sizeof(int);
 		memcpy(skip_oid, oid, skip_len);