--- a/pam_ldap.c
+++ a/pam_ldap.c
@@ -3036,6 +3036,10 @@ _do_authentication (pam_handle_t *pamh, const char *user, const char *password)
 {
 int rc = PAM_SUCCESS;
+ if (password && strlen(password) > 512)
+ {
+ return PAM_AUTH_ERR;
+ }
 if (session->info == NULL)
 {
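Review bot: The length limit in the added check is a bare `512` with nothing saying which buffer or protocol bound it protects, so it can drift from whatever it is meant to guard. Give it a name defined next to that bound, e.g. `#define MAX_PASSWORD_LEN 512` (the name is only a suggestion), and add a one-line comment stating what overflows or misbehaves above it. The rejection is also silent: returning PAM_AUTH_ERR makes an oversized password look like an ordinary wrong one, so a log line such as `syslog (LOG_WARNING, "pam_ldap: over-long password rejected for user %s", user);` (never the password itself) would let operators see these attempts. A NULL `password` passes this check and falls through to the `session->info` test. Whether NULL and empty passwords are rejected later cannot be seen here, because the body of _do_authentication continues outside the hunk.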