diff --git a/src/encauth/eax/eax_decrypt_verify_memory.c b/src/encauth/eax/eax_decrypt_verify_memory.c
index 4de1a7f..8c6540f 100644
--- a/src/encauth/eax/eax_decrypt_verify_memory.c
+++ b/src/encauth/eax/eax_decrypt_verify_memory.c
@@ -55,6 +55,9 @@ int eax_decrypt_verify_memory(int cipher,
    /* default to zero */
    *stat = 0;
 
+   /* limit taglen */
+   taglen = MIN(taglen, MAXBLOCKSIZE);
+
    /* allocate ram */
    buf = XMALLOC(taglen);
    eax = XMALLOC(sizeof(*eax));