diff -up mcrypt-2.6.7/src/rfc2440.c.BAD mcrypt-2.6.7/src/rfc2440.c
--- mcrypt-2.6.7/src/rfc2440.c.BAD	2007-12-17 06:37:19.000000000 -0500
+++ mcrypt-2.6.7/src/rfc2440.c	2007-12-17 06:38:22.000000000 -0500
@@ -405,7 +405,7 @@ length_decode(const uchar *buf, int pos,
         len += (buf[pos+1] + 192);
     }
     else if (buf[pos] == 255) {
-        len += (buf[pos+1] << 24);
+        len = (buf[pos+1] << 24);
         len += (buf[pos+2] << 16);
         len += (buf[pos+3] << 8);
         len += buf[pos+4];
@@ -662,7 +662,7 @@ symkey_enc_encode(const DEK *dek)
 {
     USTRING result;
     int pos = 0;
-    uchar buf[13];
+    uchar buf[15];
 
     assert(dek->keylen > 0);