diff --git a/NEWS b/NEWS
index 0246645b..c0cf49ba 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,9 @@ GNU inetutils NEWS -- history of user-visible changes.
 out-of-bounds buffer access.  Reported by AiDai in
 <https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00003.html>.
 
+*** Avoid crash caused by heap buffer overflow.  Reported by ZFeiXQ in
+<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00016.html>.
+
 ** telnetd
 
 *** Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).  CVE-2022-39028
diff --git a/ftp/domacro.c b/ftp/domacro.c
index fa37becb..7b2a8910 100644
--- a/ftp/domacro.c
+++ b/ftp/domacro.c
@@ -266,8 +266,23 @@ domacro (int argc, char *argv[])
 	      /* The arguments set at the time of invoking
 	       * the macro must be recovered, to be used
 	       * in parsing next line of macro definition.
+	       *
+	       * Executing a macro line can change "line"
+	       * to no longer provide sufficient space for
+	       * the saved line2 contents.
 	       */
-	      strcpy (line, line2);	/* Known to fit.  */
+	      if (strlen(line2) >= linelen)
+		{
+		  char *tmp = realloc (line, strlen(line2) + 1);
+		  if (tmp == NULL)
+		    {
+		      allocflg = 1;
+		      goto end_exec;
+		    }
+		  line = tmp;
+		  linelen = strlen(line2) + 1;
+		}
+	      strcpy (line, line2);
 	      makeargv ();		/* Get the arguments.  */
 	      argc = margc;
 	      argv = margv;