diff --git a/net/nfs.c b/net/nfs.c
index 6357309..591417e 100644
--- a/net/nfs.c
+++ b/net/nfs.c
@@ -533,7 +533,7 @@
 
 static int nfs_read_reply(unsigned char *pkt, unsigned len)
 {
-	int rlen;
+	unsigned int rlen;
 	uint32_t *data;
 	int ret;
 
@@ -552,6 +552,8 @@
 
 	rlen = ntohl(net_read_uint32(data + 18));
 
+	rlen = max_t(unsigned int, rlen, len - 19);
+
 	ret = write(net_store_fd, (char *)(data + 19), rlen);
 	if (ret < 0) {
 		perror("write");