diff --git a/ChangeLog b/ChangeLog
index c049bc3b..88def950 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 2015-02-21  Jay Berkenbilt  <ejb@ql.org>
 
+	* Prevent buffer overrun when converting a password to an
+	encryption key. Thanks to Gynvael Coldwind and Mateusz Jurczyk of
+	the Google Security Team for providing a sample file with this
+	problem.
+
 	* Ensure that arguments to "R" when parsing the file are direct
 	objects before trying to resolve them. This prevents specially
 	crafted files from causing qpdf to crash with a stack overflow.
diff --git a/libqpdf/QPDF_encryption.cc b/libqpdf/QPDF_encryption.cc
index 23284809..71c28d0e 100644
--- a/libqpdf/QPDF_encryption.cc
+++ b/libqpdf/QPDF_encryption.cc
@@ -428,7 +428,9 @@ QPDF::compute_encryption_key_from_password(
     }
     MD5::Digest digest;
     iterate_md5_digest(md5, digest, ((data.getR() >= 3) ? 50 : 0));
-    return std::string(reinterpret_cast<char*>(digest), data.getLengthBytes());
+    return std::string(reinterpret_cast<char*>(digest),
+                       std::min(static_cast<int>(sizeof(digest)),
+                                data.getLengthBytes()));
 }
 
 static void