diff --git a/src/share/classes/sun/security/util/ObjectIdentifier.java b/src/share/classes/sun/security/util/ObjectIdentifier.java
index 66038a377373886055cd768ab45bfcc7cab59983..97dc9c5e2931e8c161b2a48a644fdd034f204ee9 100644
--- a/src/share/classes/sun/security/util/ObjectIdentifier.java
+++ b/src/share/classes/sun/security/util/ObjectIdentifier.java
@@ -255,7 +255,13 @@ class ObjectIdentifier implements Serializable
                 + " (tag = " +  type_id + ")"
                 );
 
-        encoding = new byte[in.getLength()];
+        int len = in.getLength();
+        if (len > in.available()) {
+            throw new IOException("ObjectIdentifier() -- length exceeds" +
+                    "data available.  Length: " + len + ", Available: " +
+                    in.available());
+        }
+        encoding = new byte[len];
         in.getBytes(encoding);
         check(encoding);
     }