--- cracklib2-2.8.19.orig/lib/fascist.c
+++ cracklib2-2.8.19/lib/fascist.c
@@ -509,7 +509,7 @@ FascistGecos(password, uid)
     size_t sbufferlen = LINE_MAX;
 #endif
     char *uwords[STRINGSIZE];
-    char longbuffer[STRINGSIZE * 2];
+    char longbuffer[STRINGSIZE];
 
 #ifdef HAVE_GETPWUID_R
     sbuffer = malloc(sbufferlen);
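Review bot: The new declaration `char longbuffer[STRINGSIZE];` has no comment explaining why the buffer was halved, and after this change its size is the bound that every later strcpy/strcat into it has to respect. The shrink is only safe together with the length guards added further down in FascistGecos, so the declaration should say so, for example `/* candidate buffer: every write below is length-checked against STRINGSIZE */`. If the reason for the smaller size is that GTry() and the code it calls work in STRINGSIZE-sized buffers (not visible here), the comment should state that as well. FascistGecos starts and ends outside this hunk.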
@@ -636,58 +636,67 @@ FascistGecos(password, uid)
     {
 	for (i = 0; i < j; i++)
 	{
-	    strcpy(longbuffer, uwords[i]);
-	    strcat(longbuffer, uwords[j]);
-
-	    if (GTry(longbuffer, password))
+	    if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
 	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
-		return _("it is derived from your password entry");
-	    }
-
-	    strcpy(longbuffer, uwords[j]);
-	    strcat(longbuffer, uwords[i]);
+		strcpy(longbuffer, uwords[i]);
+		strcat(longbuffer, uwords[j]);
 
-	    if (GTry(longbuffer, password))
-	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
-		return _("it's derived from your password entry");
+		if (GTry(longbuffer, password))
+		{
+		    if (sbuffer)
+		    {
+			free(sbuffer);
+			sbuffer = NULL;
+		    }
+		    return _("it is derived from your password entry");
+		}
+
+		strcpy(longbuffer, uwords[j]);
+		strcat(longbuffer, uwords[i]);
+
+		if (GTry(longbuffer, password))
+		{
+		    if (sbuffer)
+		    {
+			free(sbuffer);
+			sbuffer = NULL;
+		    }
+		    return _("it's derived from your password entry");
+		}
 	    }
 
-	    longbuffer[0] = uwords[i][0];
-	    longbuffer[1] = '\0';
-	    strcat(longbuffer, uwords[j]);
-
-	    if (GTry(longbuffer, password))
+	    if (strlen(uwords[j]) < STRINGSIZE - 1)
 	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
-		return _("it is derivable from your password entry");
+		longbuffer[0] = uwords[i][0];
+		longbuffer[1] = '\0';
+	    	strcat(longbuffer, uwords[j]);
+
+		if (GTry(longbuffer, password))
+		{
+		    if (sbuffer)
+		    {
+			free(sbuffer);
+			sbuffer = NULL;
+		    }
+		    return _("it is derivable from your password entry");
+		}
 	    }
 
-	    longbuffer[0] = uwords[j][0];
-	    longbuffer[1] = '\0';
-	    strcat(longbuffer, uwords[i]);
-
-	    if (GTry(longbuffer, password))
+	    if (strlen(uwords[i]) < STRINGSIZE - 1)
 	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
-		return _("it's derivable from your password entry");
+		longbuffer[0] = uwords[j][0];
+		longbuffer[1] = '\0';
+		strcat(longbuffer, uwords[i]);
+
+		if (GTry(longbuffer, password))
+		{
+		    if (sbuffer)
+		    {
+			free(sbuffer);
+			sbuffer = NULL;
+		    }
+		    return _("it's derivable from your password entry");
+		}
 	    }
 	}
     }
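Review bot: The three new guards compare against the macro `STRINGSIZE` rather than the buffer they protect, so the unbounded strcpy/strcat calls stay safe only while the declaration of longbuffer and these conditions are kept in step by hand. Tying them to the object removes that coupling: `if (strlen(uwords[i]) + strlen(uwords[j]) < sizeof(longbuffer))`, and `< sizeof(longbuffer) - 1` for the two initial-letter cases. The arithmetic itself is right for a STRINGSIZE buffer (combined length plus NUL, and one initial plus word plus NUL). When a guard fails, the candidate is skipped without any trace, so a password derived from two long GECOS words is no longer tested by this loop. That is presumably acceptable, but it deserves a one-line comment such as `/* too long to build in longbuffer; skip this candidate */`. The loop sits inside FascistGecos, whose body continues outside the hunk.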
