diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index a34fe6850..823019d37 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,7 @@
+2014-05-18  David Stacey  <drstacey@tiscali.co.uk>
+
+	* syscalls.cc (getusershell): Fix buffer overrun (Coverity ID 59932).
+
 2014-05-15  Corinna Vinschen  <corinna@vinschen.de>
 
 	* external.cc (cygwin_internal): Use local name buffer instead of
diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc
index 3a8fabf6d..de8cf119c 100644
--- a/winsup/cygwin/syscalls.cc
+++ b/winsup/cygwin/syscalls.cc
@@ -4179,7 +4179,7 @@ getusershell ()
   /* Get each non-whitespace character as part of the shell path as long as
      it fits in buf. */
   for (buf_idx = 0;
-       ch != EOF && !isspace (ch) && buf_idx < PATH_MAX;
+       ch != EOF && !isspace (ch) && buf_idx < (PATH_MAX - 1);
        buf_idx++, ch = getc (shell_fp))
     buf[buf_idx] = ch;
   /* Skip any trailing non-whitespace character not fitting in buf.  If the