diff --git a/avrdude/ChangeLog b/avrdude/ChangeLog
index 516ef81d..da4cba9e 100644
--- a/avrdude/ChangeLog
+++ b/avrdude/ChangeLog
@@ -1,3 +1,10 @@
+2009-04-28  Joerg Wunsch <j.gnu@uriah.heep.sax.de>
+
+	Submitted by Carl Hamilton:
+	* update.c (parse_op): correctly \0-terminate buf after filling
+	it, before it is potentially used as the source of a call to
+	strlen or strcpy.
+
 2009-04-14  Joerg Wunsch <j.gnu@uriah.heep.sax.de>
 
 	* doc/avrdude.texi: Merge the -P 0xXXX option description from
diff --git a/avrdude/update.c b/avrdude/update.c
index 51952cdc..22c9de7d 100644
--- a/avrdude/update.c
+++ b/avrdude/update.c
@@ -51,6 +51,7 @@ UPDATE * parse_op(char * s)
   p = s;
   while ((i < (sizeof(buf)-1) && *p && (*p != ':')))
     buf[i++] = *p++;
+  buf[i] = 0;
 
   if (*p != ':') {
     upd->memtype = (char *)malloc(strlen("flash")+1);
@@ -69,8 +70,6 @@ UPDATE * parse_op(char * s)
     return upd;
   }
 
-  buf[i] = 0;
-
   upd->memtype = (char *)malloc(strlen(buf)+1);
   if (upd->memtype == NULL) {
     fprintf(stderr, "%s: out of memory\n", progname);