diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c
index 43ab6bfa7311..b5b6136b60c0 100644
--- a/libexec/ftpd/ftpd.c
+++ b/libexec/ftpd/ftpd.c
@@ -188,6 +188,13 @@ static int	auth_pam __P((struct passwd**, const char*));
 
 char	*pid_file = NULL;
 
+/*
+ * Limit number of pathnames that glob can return.
+ * A limit of 0 indicates the number of pathnames is unlimited.
+ */
+#define MAXGLOBARGS	16384
+#
+
 /*
  * Timeout intervals for retrying connections
  * to hosts that don't accept PORT cmds.  This
@@ -2621,6 +2628,8 @@ send_file_list(whichf)
 		int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
 
 		memset(&gl, 0, sizeof(gl));
+		gl.gl_matchc = MAXGLOBARGS;
+		flags |= GLOB_MAXPATH;
 		freeglob = 1;
 		if (glob(whichf, flags, 0, &gl)) {
 			reply(550, "not found");
diff --git a/libexec/ftpd/popen.c b/libexec/ftpd/popen.c
index 74f34e3d9c66..e8d3cfb14a8f 100644
--- a/libexec/ftpd/popen.c
+++ b/libexec/ftpd/popen.c
@@ -107,6 +107,8 @@ ftpd_popen(program, type)
 		int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
 
 		memset(&gl, 0, sizeof(gl));
+		gl.gl_matchc = MAXGLOBARGS;
+		flags |= GLOB_MAXPATH;
 		if (glob(argv[argc], flags, NULL, &gl))
 			gargv[gargc++] = strdup(argv[argc]);
 		else