# http://security-tracker.debian.org/tracker/CVE-2012-4409
# http://www.openwall.com/lists/oss-security/2012/09/06/8
--- mcrypt-2.6.8/src/extra.c
+++ mcrypt-2.6.8/src/extra.c
@@ -242,6 +242,8 @@ int check_file_head(FILE * fstream, char
 			if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
 				*salt_size = m_setbit(0, sflag, 0);
 				if (*salt_size > 0) {
+					if (*salt_size > sizeof(tmp_buf))
+					    err_quit(_("Salt is too long\n"));
 					fread(tmp_buf, 1, *salt_size,
 					      fstream);
 					memmove(salt, tmp_buf, *salt_size);