diff --git a/changes/bug21280 b/changes/bug21280
new file mode 100644
index 000000000..e9f0bc174
--- /dev/null
+++ b/changes/bug21280
@@ -0,0 +1,5 @@
+ o Minor bugfixes (tor-resolve):
+ - The tor-resolve command line tool now rejects hostnames over 255
+ characters in length. Previously, it would silently truncate
+ them, which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
+ Patch by "junglefowl".
diff --git a/src/tools/tor-resolve.c b/src/tools/tor-resolve.c
index 29f85c4d1..6ac866d3c 100644
--- a/src/tools/tor-resolve.c
+++ b/src/tools/tor-resolve.c
@@ -80,6 +80,10 @@ build_socks_resolve_request(char **out,
 }
 ipv6 = reverse && tor_addr_family(&addr) == AF_INET6;
 addrlen = reverse ? (ipv6 ? 16 : 4) : 1 + strlen(hostname);
+ if (addrlen > UINT8_MAX) {
+ log_err(LD_GENERAL, "Hostname is too long!");
+ return -1;
+ }
 len = 6 + addrlen;
 *out = tor_malloc(len);
 (*out)[0] = 5; /* SOCKS version 5 */
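Review bot: The new bound `addrlen > UINT8_MAX` in the tor-resolve.c hunk is applied to `1 + strlen(hostname)`, so a hostname of exactly 255 bytes is rejected too, whereas the changelog entry says only hostnames over 255 characters are refused. If the extra byte in `addrlen` is the SOCKS length prefix (the code that writes it is outside the hunk, so this is inferred), either reword the changelog or state the effective limit next to the check, for example `/* addrlen counts the 1-byte length prefix, so hostnames are capped at 254 bytes */`. The check sits before `tor_malloc`, so the error return leaves `*out` unassigned; it is worth confirming that the caller does not read or free it when -1 is returned. build_socks_resolve_request starts and ends outside the hunk.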