diff --git a/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc b/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc
index 692f80bbb..08bddce77 100644
--- a/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc
+++ b/server/modules/protocol/MySQL/mariadbclient/mysql_client.cc
@@ -20,6 +20,7 @@
 #include <limits.h>
 #include <netinet/tcp.h>
 #include <sys/stat.h>
+#include <algorithm>
 #include <string>
 
 #include <maxscale/alloc.h>
@@ -1545,6 +1546,14 @@ static bool reauthenticate_client(MXS_SESSION* session, GWBUF* packetbuf)
         gwbuf_copy_data(proto->stored_query, MYSQL_HEADER_LEN + 1,
                         sizeof(user), (uint8_t*)user);
 
+        char* end = user + sizeof(user);
+
+        if (std::find(user, end, '\0') == end)
+        {
+            mysql_send_auth_error(session->client_dcb, 3, 0, "Malformed AuthSwitchRequest packet");
+            return false;
+        }
+
         // Copy the new username to the session data
         MYSQL_session* data = (MYSQL_session*)session->client_dcb->data;
         strcpy(data->user, user);