--- source/nmbd/nmbd_packets.c.orig	2007-11-02 23:21:50.000000000 +0100
+++ source/nmbd/nmbd_packets.c	2007-11-02 23:23:09.000000000 +0100
@@ -963,6 +963,12 @@
 	nmb->answers->ttl      = ttl;
   
 	if (data && len) {
+		if (len < 0 || len > sizeof(nmb->answers->rdata)) {
+			DEBUG(5,("reply_netbios_packet: "
+				"invalid packet len (%d)\n",
+				len ));
+			return;
+		}
 		nmb->answers->rdlength = len;
 		memcpy(nmb->answers->rdata, data, len);
 	}