diff --git a/client/deps/hardnested/hardnested_bruteforce.c b/client/deps/hardnested/hardnested_bruteforce.c
index 7766b28d3..719cd62bd 100644
--- a/client/deps/hardnested/hardnested_bruteforce.c
+++ b/client/deps/hardnested/hardnested_bruteforce.c
@@ -78,6 +78,8 @@ THE SOFTWARE.
 #define DEBUG_KEY_ELIMINATION           1
 // #define DEBUG_BRUTE_FORCE
 
+#define MIN_BUCKETS_SIZE                128
+
 typedef enum {
     EVEN_STATE = 0,
     ODD_STATE = 1
@@ -88,7 +90,8 @@ static uint32_t bf_test_nonce[256];
 static uint8_t bf_test_nonce_2nd_byte[256];
 static uint8_t bf_test_nonce_par[256];
 static uint32_t bucket_count = 0;
-static statelist_t *buckets[128];
+static size_t buckets_allocated = 0;
+static statelist_t **buckets = NULL;
 static uint32_t keys_found = 0;
 static uint64_t num_keys_tested;
 static uint64_t found_bs_key = 0;
@@ -294,6 +297,26 @@ static void write_benchfile(statelist_t *candidates) {
 #endif
 
 
+static bool ensure_buckets_alloc(size_t need_buckets) {
+    if (need_buckets > buckets_allocated) {
+        size_t alloc_sz = ((buckets_allocated == 0) ? MIN_BUCKETS_SIZE : (buckets_allocated * 2));
+        while (need_buckets > alloc_sz) {
+            alloc_sz *= 2;
+        }
+
+        buckets = realloc(buckets, sizeof(statelist_t *) * alloc_sz);
+        if (buckets == NULL) {
+            buckets_allocated = 0;
+            return false;
+        }
+        memset(buckets + buckets_allocated, 0, (alloc_sz - buckets_allocated) * sizeof(statelist_t *));
+        buckets_allocated = alloc_sz;
+    }
+
+    return true;
+}
+
+
 bool brute_force_bs(float *bf_rate, statelist_t *candidates, uint32_t cuid, uint32_t num_acquired_nonces, uint64_t maximum_states, noncelist_t *nonces, uint8_t *best_first_bytes, uint64_t *found_key) {
 #if defined (WRITE_BENCH_FILE)
     write_benchfile(candidates);
@@ -310,6 +333,11 @@ bool brute_force_bs(float *bf_rate, statelist_t *candidates, uint32_t cuid, uint
     bucket_count = 0;
     for (statelist_t *p = candidates; p != NULL; p = p->next) {
         if (p->states[ODD_STATE] != NULL && p->states[EVEN_STATE] != NULL) {
+            if (!ensure_buckets_alloc(bucket_count + 1)) {
+                PrintAndLogEx(ERR, "Can't allocate buckets, abort!");
+                return false;
+            }
+
             buckets[bucket_count] = p;
             bucket_count++;
         }
@@ -347,6 +375,10 @@ bool brute_force_bs(float *bf_rate, statelist_t *candidates, uint32_t cuid, uint
         pthread_join(threads[i], 0);
     }
 
+    free(buckets);
+    buckets = NULL;
+    buckets_allocated = 0;
+
     uint64_t elapsed_time = msclock() - start_time;
 
     if (bf_rate != NULL)