diff -ruN radius/src/acct.c radius.cvs/src/acct.c
--- radius/src/acct.c	Thu Jun 24 09:40:37 1999
+++ radius.cvs/src/acct.c	Fri Mar 15 15:25:09 2002
@@ -324,12 +324,21 @@
 	AUTH_HDR *auth;
 	u_char	digest[AUTH_VECTOR_LEN];
 	u_char	savedigest[AUTH_VECTOR_LEN];
+	u_char	*abuffer;	/* Allocated buffer, which is used firstly as
+				an all-zero authenticator and then to
+				story the packet + shared secret.
+				It is always NULL terminated, and is
+				cleared after use */
 	char	hostnm[256];
 	int	secretlen;
 	int	len;
 	int	find_client();
 	void	md5_calc();
 
+	size_t	plen;	/* The length accoding to the radius packet */
+	size_t	slen;	/* The string length of the secret */
+	size_t	alen;	/* The lengh of the allocated buffer */
+
 	/*
 	 * Validate the requesting IP address -
 	 * Not secure, but worth the check for accidental requests
@@ -350,19 +359,40 @@
  	 */
 
 	auth = (AUTH_HDR *)buffer;
-	memset(savedigest, 0, AUTH_VECTOR_LEN);
-	if (accept_zero && memcmp(savedigest,auth->vector,AUTH_VECTOR_LEN) == 0) {
+	plen = ntohs(auth->length);
+	slen = strlen(secret);
+	if (AUTH_VECTOR_LEN > plen + slen +1) {
+		alen =  AUTH_VECTOR_LEN;
+	}
+	else {
+		alen = plen + slen +1;
+	}
+
+	abuffer = (u_char *)malloc(alen);
+	if(abuffer == NULL) {
+		log_err("calc_acctreq: Could not allocate memory!\n");
+		return(SIGN_NOMATCH);
+	}
+	memset(abuffer, 0, alen);
+
+	if (accept_zero && memcmp(abuffer, auth->vector,AUTH_VECTOR_LEN) == 0) {
+		free(abuffer);
 		return(SIGN_ZERO);
 	}
-	len = ntohs(auth->length);
-	memcpy(savedigest,auth->vector,AUTH_VECTOR_LEN);
+
+	memcpy(abuffer,buffer,plen);
+	memcpy(abuffer+plen,secret,slen);
+
+	auth = (AUTH_HDR *)abuffer;
 	memset(auth->vector, 0, AUTH_VECTOR_LEN);
-	secretlen = strlen((char *)secret);
-	memcpy(buffer+len,secret,secretlen);
-	md5_calc(digest, buffer, len+secretlen);
-	memcpy(auth->vector,savedigest,AUTH_VECTOR_LEN);
-	memset(buffer+len,0,secretlen);
-	if (memcmp(digest,savedigest,AUTH_VECTOR_LEN) == 0) {
+
+	md5_calc(digest, abuffer, plen+slen);
+
+	memset(abuffer, 0, alen);
+	free(abuffer);
+
+	auth = (AUTH_HDR *)buffer;
+	if (memcmp(digest,auth->vector,AUTH_VECTOR_LEN) == 0) {
 		return(SIGN_MATCH);
 	} else {
 		return(SIGN_NOMATCH);
diff -ruN radius/src/radiusd.c radius.cvs/src/radiusd.c
--- radius/src/radiusd.c	Thu Jun 24 09:40:42 1999
+++ radius.cvs/src/radiusd.c	Fri Mar 15 15:24:47 2002
@@ -2385,19 +2315,33 @@
 AUTH_REQ	*authreq;
 u_char		*secret;
 {
-	u_char	buffer[128];
-	int	secretlen;
+	u_char	*buffer;
+	size_t	secretlen;
+	size_t	len;
 
-	/* Use the secret to setup the decryption digest */
-	memset(buffer, 0, sizeof(buffer));
 	secretlen = strlen((char *)secret);
-	memcpy((char *)buffer, (char *)secret,secretlen);
+	len = secretlen + AUTH_VECTOR_LEN;
+
+	memset(digest, 0, sizeof(digest));
+
+	buffer = (u_char *)malloc(len+1);
+	if(buffer == NULL) {
+		log_err("calc_digest: Could not allocate memory!\n");
+		return;
+	}
+
+	/* Use the secret to setup the decryption digest */
+	memset(buffer, 0, len+1);
+	memcpy((char *)buffer, (char *)secret, secretlen);
 	memcpy(buffer + secretlen, authreq->vector, AUTH_VECTOR_LEN);
-	md5_calc(digest, buffer, secretlen + AUTH_VECTOR_LEN);
-	memset(buffer, 0, secretlen+AUTH_VECTOR_LEN);
+	md5_calc(digest, buffer, len);
+	memset(buffer, 0, len);
+
+	free(buffer);
 	return;
 }
 
+
 /*************************************************************************
  *
  *	Function: calc_next_digest
