diff -r e392f1b88fff Lib/test/test_io.py
--- a/Lib/test/test_io.py Mon May 20 10:28:48 2013 -0700
+++ b/Lib/test/test_io.py Mon May 20 23:29:46 2013 +0300
@@ -3027,6 +3027,15 @@
 class CMiscIOTest(MiscIOTest):
 io = io
+ def test_readinto_buffer_overflow(self):
+ # Issue #
+ class BadReader(self.io.BufferedIOBase):
+ def read(self, n=-1):
+ return b'x' * 10**6
+ bufio = BadReader()
+ b = bytearray(2)
+ self.assertRaises(ValueError, bufio.readinto, b)
+
 class PyMiscIOTest(MiscIOTest):
 io = pyio
diff -r e392f1b88fff Modules/_io/bufferedio.c
--- a/Modules/_io/bufferedio.c Mon May 20 10:28:48 2013 -0700
+++ b/Modules/_io/bufferedio.c Mon May 20 23:29:46 2013 +0300
@@ -69,6 +69,14 @@
 }
 len = Py_SIZE(data);
+ if (len > buf.len) {
+ PyErr_Format(PyExc_ValueError,
+ "read() returned too much data: "
+ "%zd bytes requested, %zd returned",
+ buf.len, len);
+ Py_DECREF(data);
+ goto error;
+ }
 memcpy(buf.buf, PyBytes_AS_STRING(data), len);
 PyBuffer_Release(&buf);
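Review bot: The `# Issue #` comment in `test_readinto_buffer_overflow` has no tracker number and does not say what the test guards; something like `# Issue #<issue-number>: readinto() must reject a read() result larger than the target buffer` would make the regression traceable. The test asserts only the exception type, so following it with `self.assertEqual(b, bytearray(2))` would also pin that the caller's buffer is left untouched on the error path. A companion case where `read()` returns exactly `len(b)` bytes and `readinto` succeeds would pin the `>` boundary of the new check. Since the method is added to `CMiscIOTest` only, how `_pyio` handles the same oversized `read()` stays untested; if that is deliberate, the comment should say so.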
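Review bot: The new `len > buf.len` guard ahead of `memcpy` carries no comment explaining why the length of `data` cannot be trusted, which is the whole security point of the change. A short comment above the `if`, such as `/* read() can be overridden by a subclass, so the size of its result is untrusted; never copy more than buf.len bytes. */`, would keep a later refactor from dropping the check as redundant. The new branch also relies on the `error` label, which is outside this hunk, to release `buf`; the success path calls `PyBuffer_Release(&buf)` explicitly, so it is worth confirming the label does the same.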