$NetBSD: patch-CVE-2013-4852-3,v 1.2.2.2 2013/08/21 21:59:57 tron Exp $

--- src/putty/import.c.orig	2008-02-22 03:00:11.000000000 +0000
+++ src/putty/import.c
@@ -290,7 +290,7 @@ static int ssh2_read_mpint(void *data, i
     if (len < 4)
         goto error;
     bytes = GET_32BIT(d);
-    if (len < 4+bytes)
+    if (bytes < 0 || len-4 < bytes)
         goto error;
 
     ret->start = d + 4;
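Review bot: The rewritten bound check `if (bytes < 0 || len-4 < bytes)` has no comment explaining why it is phrased as a subtraction, so a later cleanup could fold it back into `len < 4+bytes` and reintroduce the signed overflow for a large length field. I would add `/* bytes comes from the input: compare as len-4 < bytes, because 4+bytes can overflow */` directly above it. The `bytes < 0` half only works if `bytes` is a signed type. Its declaration is outside this hunk, so that should be confirmed, along with how the GET_32BIT result converts when its top bit is set. ssh2_read_mpint starts and ends outside the hunk.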
