--- a/backend/usb-libusb.c
+++ b/backend/usb-libusb.c
@@ -430,15 +430,26 @@
   * Check to see if the length is larger than our buffer; first
   * assume that the vendor incorrectly implemented the 1284 spec,
   * and then limit the length to the size of our buffer...
+  * Consider a length < 14 as too short, as the minimum valid device
+  * ID ("MFG:x;MDL:y;") is 12 bytes long and so we have at least 14
+  * bytes with the two length bytes...
+  * Especially the length in the memmove() call cannot get negative then,
+  * causing the backend to segfault.
   */
 
-  if (length > bufsize)
+  if ((length > bufsize) || (length < 14))
     length = (((unsigned)buffer[1] & 255) << 8) +
 	     ((unsigned)buffer[0] & 255);
 
   if (length > bufsize)
     length = bufsize;
 
+  if (length < 14)
+  {
+    *buffer = '\0';
+    return (-1);
+  }
+
   length -= 2;
 
  /*