$NetBSD: patch-ag,v 1.1 2010/12/16 18:00:59 drochner Exp $

--- src/libopensc/card-starcos.c.orig	2010-02-16 09:03:28.000000000 +0000
+++ src/libopensc/card-starcos.c
@@ -1289,8 +1289,8 @@ static int starcos_get_serialnr(sc_card_
 	if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00)
 		return SC_ERROR_INTERNAL;
 	/* cache serial number */
-	memcpy(card->serialnr.value, apdu.resp, apdu.resplen);
-	card->serialnr.len = apdu.resplen;
+	memcpy(card->serialnr.value, apdu.resp, MIN(apdu.resplen, SC_MAX_SERIALNR));
+	card->serialnr.len = MIN(apdu.resplen, SC_MAX_SERIALNR);
 	/* copy and return serial number */
 	memcpy(serial, &card->serialnr, sizeof(*serial));
 	return SC_SUCCESS;
