diff --git a/ChangeLog b/ChangeLog
index 87c465843..a708ca28a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2015-01-20  Vladimir Serbinenko  <phcoder@gmail.com>
+
+	* grub-core/lib/pbkdf2.c (grub_crypto_pbkdf2): Check that hash len is not 0.
+
 2015-01-20  Vladimir Serbinenko  <phcoder@gmail.com>
 
 	* grub-core/osdep/linux/blocklist.c (grub_install_get_blocklist): Check
diff --git a/grub-core/lib/pbkdf2.c b/grub-core/lib/pbkdf2.c
index 2fbaa95e8..01cee3951 100644
--- a/grub-core/lib/pbkdf2.c
+++ b/grub-core/lib/pbkdf2.c
@@ -52,7 +52,7 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
   grub_uint8_t *tmp;
   grub_size_t tmplen = Slen + 4;
 
-  if (md->mdlen > GRUB_CRYPTO_MAX_MDLEN)
+  if (md->mdlen > GRUB_CRYPTO_MAX_MDLEN || md->mdlen == 0)
     return GPG_ERR_INV_ARG;
 
   if (c == 0)