diff --git a/CHANGES b/CHANGES
index e74e7a5..0204c31 100644
--- a/CHANGES
+++ b/CHANGES
@@ -14,6 +14,7 @@ Release 8.2-pre
 * Fixed a bug where the cisco-enable module was not working with the password-only logon mode
 * Fixed an out of memory bug in http-form
 * Fixed imap PLAIN method
+* Fixed -x option to bail if it would generate too many passwords (more than 4 billion)
 * Added warning if HYDRA_PROXY_CONNECT environment is detected, that is an outdated setting
 * Added --fhs switch to configure (for Linux distribution usage)
 * ... your patch?
diff --git a/bfg.c b/bfg.c
index 985696e..46be0ca 100644
--- a/bfg.c
+++ b/bfg.c
@@ -158,11 +158,18 @@ int bf_init(char *arg) {
 unsigned long int bf_get_pcount() {
 int i;
- unsigned long int count = 0;
+ double count = 0;
+ unsigned long int foo;
 for (i = bf_options.from; i <= bf_options.to; i++)
- count += (unsigned long int) (pow((float) bf_options.crs_len, (float) i));
- return count;
+ count += (pow((double) bf_options.crs_len, (double) i));
+ if (count >= 0xffffffff) {
+ fprintf(stderr, "\n[ERROR] definition for password bruteforce (-x) generates more than 4 billion passwords\n");
+ exit(-1);
+ }
+
+ foo = count / 1;
+ return foo;
 }
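Review bot: The narrowing back to an integer at the end of bf_get_pcount() is written as `foo = count / 1;`, which hides that a double is being converted to `unsigned long int` and that the conversion is only defined because of the range check just above it. An explicit `return (unsigned long int) count;` says this directly and makes the temporary `foo` unnecessary. The `0xffffffff` bound should carry a comment such as `/* cap at 32 bits: converting an out-of-range double to an integer type is undefined behaviour */`; the reason for choosing 32 bits (presumably targets where unsigned long is 32-bit) is inferred, not stated in the hunk. The check uses `>=`, so a count of exactly 0xffffffff is rejected although the message says "more than 4 billion".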