diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index dcea0efe8..f4237042e 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2005-12-08  Corinna Vinschen  <corinna@vinschen.de>
+
+	* fhandler_raw.cc (fhandler_dev_raw::ioctl): Only allow 0, 1 or a
+	multiple of 512 as new buffersize.
+
 2005-12-08  Pekka Pessi <ppessi@gmail.com>
 	    Corinna Vinschen  <corinna@vinschen.de>
 
diff --git a/winsup/cygwin/fhandler_raw.cc b/winsup/cygwin/fhandler_raw.cc
index e4d4e3660..00d023e7e 100644
--- a/winsup/cygwin/fhandler_raw.cc
+++ b/winsup/cygwin/fhandler_raw.cc
@@ -157,8 +157,14 @@ fhandler_dev_raw::ioctl (unsigned int cmd, void *buf)
 		mop.mt_count = op->rd_parm;
 		ret = ioctl (MTIOCTOP, &mop);
 	      }
-	    else if (devbuf && ((op->rd_parm <= 1 && (devbufend - devbufstart))
-				|| op->rd_parm < devbufend - devbufstart))
+	    else if ((devbuf && ((op->rd_parm <= 1 && (devbufend - devbufstart))
+				 || op->rd_parm < devbufend - devbufstart))
+		     || (op->rd_parm > 1 && (op->rd_parm % 512)))
+	      /* The conditions for a *valid* parameter are these:
+	         - If there's still data in the current buffer, it must
+		   fit in the new buffer.
+		 - The new size is either 0 or 1, both indicating unbufferd
+		   I/O, or the new buffersize must be a multiple of 512. */
 	      ret = ERROR_INVALID_PARAMETER;
 	    else if (!devbuf || op->rd_parm != devbufsiz)
 	      {