diff --git a/ChangeLog b/ChangeLog
index d41468f36..efc06fbfe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ PolarSSL ChangeLog
 Security
 * Fix potential invalid memory read in the server, that allows a client to crash it remotely (found by Caj Larsson).
+ * Fix potential invalid memory read in certificate parsing, that allows a
+ client to crash the server remotely if client authentication is enabled
+ (found using Codenomicon Defensics).
 Bugfix
 * Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos).
diff --git a/library/x509parse.c b/library/x509parse.c
index 3040621ea..c98145b18 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -519,8 +519,7 @@ static int x509_get_sig( unsigned char **p,
 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + ret );
-
- if( --len < 1 || *(*p)++ != 0 )
+ if( len-- < 2 || *(*p)++ != 0 )
 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE );
 sig->len = len;
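Review bot: The new guard `if( len-- < 2 || *(*p)++ != 0 )` in x509_get_sig carries the whole fix in the position of the decrement and the constant 2, with no comment saying why, so a later cleanup could easily restore the pre-decrement form. If `len` is an unsigned type (its declaration is outside the hunk), the old `--len < 1` would wrap on a zero-length BIT STRING and let the following `*(*p)++` read a byte that may lie past the buffer, which matches the invalid read the ChangeLog entry describes. I would add a comment above the check such as `/* need the unused-bits octet plus at least one signature byte; test before decrementing so len == 0 cannot wrap */`. A regression test that parses a certificate whose signature BIT STRING has length 0 and expects POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE would pin the behaviour; none is visible in this diff. The function body starts and ends outside the hunk.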