diff --git a/usr.sbin/kldxref/ef.c b/usr.sbin/kldxref/ef.c
index b68389801345..88fbc34a43b6 100644
--- a/usr.sbin/kldxref/ef.c
+++ b/usr.sbin/kldxref/ef.c
@@ -47,6 +47,7 @@
 
 #include "ef.h"
 
+#define	MAXSEGS 2
 struct ef_file {
 	char*		ef_name;
 	struct elf_file *ef_efile;
@@ -68,7 +69,7 @@ struct ef_file {
 	Elf_Off		ef_symoff;
 	Elf_Sym*	ef_symtab;
 	int		ef_nsegs;
-	Elf_Phdr *	ef_segs[2];
+	Elf_Phdr *	ef_segs[MAXSEGS];
 	int		ef_verbose;
 	Elf_Rel *	ef_rel;			/* relocation table */
 	int		ef_relsz;		/* number of entries */
@@ -580,12 +581,9 @@ ef_open(const char *filename, struct elf_file *efile, int verbose)
 				ef_print_phdr(phdr);
 			switch (phdr->p_type) {
 			case PT_LOAD:
-				if (nsegs == 2) {
-					warnx("%s: too many sections",
-					    filename);
-					break;
-				}
-				ef->ef_segs[nsegs++] = phdr;
+				if (nsegs < MAXSEGS)
+					ef->ef_segs[nsegs] = phdr;
+				nsegs++;
 				break;
 			case PT_PHDR:
 				break;
@@ -597,12 +595,15 @@ ef_open(const char *filename, struct elf_file *efile, int verbose)
 		}
 		if (verbose > 1)
 			printf("\n");
-		ef->ef_nsegs = nsegs;
 		if (phdyn == NULL) {
 			warnx("Skipping %s: not dynamically-linked",
 			    filename);
 			break;
+		} else if (nsegs > MAXSEGS) {
+			warnx("%s: too many sections", filename);
+			break;
 		}
+		ef->ef_nsegs = nsegs;
 		if (ef_read_entry(ef, phdyn->p_offset,
 			phdyn->p_filesz, (void**)&ef->ef_dyn) != 0) {
 			printf("ef_read_entry failed\n");