I can generally reproduce this reliably using $ st -e cat /dev/urandom In what way the underflow of buflen is caused though, I have not yet been able to determine. One aspect of the problem is definitely that buflen is generally never range-checked.
cheers! mar77i
