diff --git a/ChangeLog b/ChangeLog
index 085b2b5bc..1e0509db0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
 20030628
  - (djm) Bug #591: use PKCS#15 private key label as a comment in case 
    of OpenSC. Report and patch from larsch@trustcenter.de
+ - (djm) Bug #593: Sanity check OpenSC card reader number; patch from 
+   aj@dungeon.inka.de
 
 20030628
  - (dtucker) OpenBSD CVS Sync
@@ -607,4 +609,4 @@
  - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
    Report from murple@murple.net, diagnosis from dtucker@zip.com.au
 
-$Id: ChangeLog,v 1.2830 2003/06/28 08:02:47 djm Exp $
+$Id: ChangeLog,v 1.2831 2003/06/28 08:08:16 djm Exp $
diff --git a/scard-opensc.c b/scard-opensc.c
index e8e12dd85..4ab87ea8a 100644
--- a/scard-opensc.c
+++ b/scard-opensc.c
@@ -89,6 +89,12 @@ sc_init(void)
 	r = sc_establish_context(&ctx, "openssh");
 	if (r)
 		goto err;
+	if (sc_reader_id >= ctx->reader_count) {
+		r = SC_ERROR_NO_READERS_FOUND;
+		error("Illegal reader number %d (max %d)", sc_reader_id, 
+		    ctx->reader_count -1);
+		goto err;
+	}
 	r = sc_connect_card(ctx->reader[sc_reader_id], 0, &card);
 	if (r)
 		goto err;