diff --git a/ChangeLog b/ChangeLog
index 96429e1ca434d151d87b17092597e0f1888ce53b..06ae8ff55bccbbc6b4eda38fd00b527189351cd9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2013-05-17  Niels Möller  <nisse@lysator.liu.se>
+
+	* ecc-j-to-a.c (ecc_j_to_a): Fixed ecc_modp_mul call, to avoid
+	invalid overlap of arguments to mpn_mul_n. Problem tracked down by
+	Magnus Holmgren.
+
 2013-05-16  Niels Möller  <nisse@lysator.liu.se>
 
 	* arm/aes-encrypt-internal.asm: New file, for pre-v6 processors.
diff --git a/ecc-j-to-a.c b/ecc-j-to-a.c
index df8b876490e797342176583839fdf753c2cadf41..26c1a03abde2603fd5dd9a19af2f9117570b6960 100644
--- a/ecc-j-to-a.c
+++ b/ecc-j-to-a.c
@@ -46,6 +46,7 @@ ecc_j_to_a (const struct ecc_curve *ecc,
 #define up   (scratch + ecc->size)
 #define iz2p (scratch + ecc->size)
 #define iz3p (scratch + 2*ecc->size)
+#define izBp (scratch + 3*ecc->size)
 #define tp    scratch
 
   mp_limb_t cy;
@@ -72,11 +73,11 @@ ecc_j_to_a (const struct ecc_curve *ecc,
       if (flags & 1)
 	{
 	  /* Divide this common factor by B */
-	  mpn_copyi (iz3p, izp, ecc->size);
-	  mpn_zero (iz3p + ecc->size, ecc->size);
-	  ecc->redc (ecc, iz3p);
-      
-	  ecc_modp_mul (ecc, iz2p, izp, iz3p);
+	  mpn_copyi (izBp, izp, ecc->size);
+	  mpn_zero (izBp + ecc->size, ecc->size);
+	  ecc->redc (ecc, izBp);
+
+	  ecc_modp_mul (ecc, iz2p, izp, izBp);
 	}
       else
 	ecc_modp_sqr (ecc, iz2p, izp);