diff --git a/ares/CHANGES b/ares/CHANGES
index 4c6b7b2284598159737393c5ece10bed6b858ba2..fcc41f04a31d92c21d7825553e46ca8f343cd889 100644
--- a/ares/CHANGES
+++ b/ares/CHANGES
@@ -3,6 +3,9 @@
 * Nov 26 2008 (Yang Tse)
 - Brad Spencer provided changes to allow buildconf to work on OS X.
 
+- Gerald Combs fixed a bug in ares_parse_ptr_reply() which would cause a
+  buffer to shrink instead of expand if a reply contained 8 or more records.
+
 * Nov 25 2008 (Yang Tse)
 - In preparation for the upcomming IPv6 nameservers patch, the internal
   ares_addr union is now changed into an internal struct which also holds
diff --git a/ares/ares_parse_ptr_reply.c b/ares/ares_parse_ptr_reply.c
index c5d8e14c8e7496efc087f4c8f734af3997b86d8d..54fb560b00d193c6a3d6ee61996c5f59e2af9558 100644
--- a/ares/ares_parse_ptr_reply.c
+++ b/ares/ares_parse_ptr_reply.c
@@ -55,6 +55,7 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr,
   char *ptrname, *hostname, *rr_name, *rr_data;
   struct hostent *hostent;
   int aliascnt = 0;
+  int alias_alloc = 8;
   char ** aliases;
 
   /* Set *host to NULL for all failure cases. */
@@ -84,7 +85,7 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr,
 
   /* Examine each answer resource record (RR) in turn. */
   hostname = NULL;
-  aliases = malloc(8 * sizeof(char *));
+  aliases = malloc(alias_alloc * sizeof(char *));
   if (!aliases)
     {
       free(ptrname);
@@ -125,9 +126,10 @@ int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr,
             }
           strncpy(aliases[aliascnt], rr_data, strlen(rr_data)+1);
           aliascnt++;
-          if ((aliascnt%8)==0) {
+          if (aliascnt >= alias_alloc) {
             char **ptr;
-            ptr = realloc(aliases, (aliascnt/16+1) * sizeof(char *));
+            alias_alloc *= 2;
+            ptr = realloc(aliases, alias_alloc * sizeof(char *));
             if(!ptr) {
               status = ARES_ENOMEM;
               break;