diff --git a/sbin/ipf/libipf/interror.c b/sbin/ipf/libipf/interror.c
--- a/sbin/ipf/libipf/interror.c
+++ b/sbin/ipf/libipf/interror.c
@@ -356,6 +356,7 @@
 { 60074, "unknown next address type (ipv6)" },
 { 60075, "one object at a time must be copied" },
 { 60076, "NAT ioctl denied in jail without VNET" },
+ { 60077, "NAT length of interface name is incorrect"},
 /* -------------------------------------------------------------------------- */
 { 70001, "incorrect object size to get pool stats" },
 { 70002, "could not malloc memory for new pool node" },
diff --git a/sys/netpfil/ipfilter/netinet/ip_nat.c b/sys/netpfil/ipfilter/netinet/ip_nat.c
--- a/sys/netpfil/ipfilter/netinet/ip_nat.c
+++ b/sys/netpfil/ipfilter/netinet/ip_nat.c
@@ -1543,6 +1543,10 @@
 /*
 * Initialise all of the address fields.
 */
+ if (strnlen(n->in_names, MAX_IFNAME_LENGTH) > n->in_namelen && n->in_namelen >= MAX_IFNAME_LENGTH) {
+ IPFERROR(60077);
+ return (EINVAL);
+ }
 error = ipf_nat_nextaddrinit(softc, n->in_names, &n->in_osrc, 1,
 n->in_ifps[idx]);
 if (error != 0)
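Review bot: The new guard before `ipf_nat_nextaddrinit()` cannot fire as written: `strnlen(n->in_names, MAX_IFNAME_LENGTH)` never returns more than `MAX_IFNAME_LENGTH`, so it can only exceed `n->in_namelen` when `in_namelen` is below that limit, while the second operand of `&&` requires `in_namelen >= MAX_IFNAME_LENGTH`. A rule with an oversized or unterminated name therefore still reaches the address initialisation, and error 60077 is never returned. If the intent is to reject either condition, the operator should be `||`, for example `if (n->in_namelen >= MAX_IFNAME_LENGTH || strnlen(n->in_names, MAX_IFNAME_LENGTH) > n->in_namelen) {`. The scan is also bounded by the constant rather than by `in_namelen`; assuming `in_namelen` describes how many bytes of `in_names` were actually supplied (not visible in this hunk), the bound should be the smaller of the two so the check itself cannot read past the buffer. The enclosing function starts and ends outside the hunk.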