diff --git a/icoutils-wrestool-extract.patch b/icoutils-wrestool-extract.patch
new file mode 100644
index 0000000..53990b8
--- /dev/null
+++ b/icoutils-wrestool-extract.patch
@@ -0,0 +1,22 @@
+diff --git a/wrestool/extract.c b/wrestool/extract.c
+index a203d04..8192a1f 100644
+--- a/wrestool/extract.c
++++ b/wrestool/extract.c
+@@ -237,13 +237,15 @@ extract_group_icon_cursor_resource(WinLibrary *fi, WinResource *wr, char *lang,
+ 		fileicondir->entries[c-skipped].dib_offset = offset;
+ 
+ 		/* transfer resource into file memory */
++		if (size > icondir->entries[c].bytes_in_res)
++			size = icondir->entries[c].bytes_in_res;
+ 		if (is_icon) {
+-			memcpy(&memory[offset], data, icondir->entries[c].bytes_in_res);
++			memcpy(&memory[offset], data, size);
+ 		} else {
+ 			fileicondir->entries[c-skipped].hotspot_x = ((uint16_t *) data)[0];
+ 			fileicondir->entries[c-skipped].hotspot_y = ((uint16_t *) data)[1];
+ 			memcpy(&memory[offset], data+sizeof(uint16_t)*2,
+-				   icondir->entries[c].bytes_in_res-sizeof(uint16_t)*2);
++				   size-sizeof(uint16_t)*2);
+ 			offset -= sizeof(uint16_t)*2;
+ 		}
+ 
diff --git a/icoutils.spec b/icoutils.spec
index e47b8e3..cc3d9a7 100644
--- a/icoutils.spec
+++ b/icoutils.spec
@@ -1,6 +1,6 @@
 Name:           icoutils
 Version:        0.31.0
-Release:        7%{?dist}
+Release:        8%{?dist}
 Summary:        Utility for extracting and converting Microsoft icon and cursor files
 
 Group:          Applications/Multimedia
@@ -8,6 +8,10 @@ License:        GPLv3+
 URL:            http://www.nongnu.org/icoutils/
 Source0:        http://savannah.nongnu.org/download/%{name}/%{name}-%{version}.tar.bz2
 
+# wrestool: ensure that reading the resource data doesn't exceed the
+# allocated memory block
+Patch0:         %{name}-wrestool-extract.patch
+
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  gettext 
@@ -24,6 +28,7 @@ libraries.
 
 %prep
 %setup -q
+%patch0 -p1
 autoreconf -i
 
 for f in AUTHORS NEWS; do
@@ -52,6 +57,9 @@ make install DESTDIR=%{buildroot}
 
 
 %changelog
+* Tue Sep 08 2015 Martin Gieseking <martin.gieseking@uos.de> 0.31.0-8
+- Added patch to prevent wrestool to segfault when reading inconsistent resource data
+
 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.0-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild