--- /n/sources/plan9/sys/src/cmd/cpu.c	Thu Jul 22 22:25:23 2010
+++ /sys/src/cmd/cpu.c	Sun Feb 28 00:00:00 2016
@@ -592,7 +545,11 @@
 	ai = auth_proxy(fd, auth_getkey, "proto=%q role=client %s", p9authproto, keyspec);
 	if(ai == nil)
 		return -1;
-	memmove(key+4, ai->secret, ai->nsecret);
+	if(ai->nsecret < 8){
+		werrstr("negotiated secret too short");
+		return -1;
+	}
+	memmove(key+4, ai->secret, 8);
 	if(ealgs == nil)
 		return fd;
 
@@ -663,7 +620,11 @@
 	if(auth_chuid(ai, nil) < 0)
 		return -1;
 	strecpy(user, user+MaxStr, ai->cuid);
-	memmove(key+4, ai->secret, ai->nsecret);
+	if(ai->nsecret < 8){
+		werrstr("negotiated secret too short");
+		return -1;
+	}
+	memmove(key+4, ai->secret, 8);
 
 	if(ealgs == nil)
 		return fd;