diff -up texlive-2007/texk/web2c/bibtex.ch.poolfix texlive-2007/texk/web2c/bibtex.ch
--- texlive-2007/texk/web2c/bibtex.ch.poolfix	2006-12-27 00:37:34.000000000 +0100
+++ texlive-2007/texk/web2c/bibtex.ch	2009-10-16 06:55:52.000000000 +0200
@@ -1134,6 +1134,15 @@ while ((ex_buf_xptr < ex_buf_ptr) and
 @y
 @z
 
+% Forgot to check for pool overflow here.  Triggered by test case linked
+% from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920.
+@x
+while (sp_ptr < sp_end) do                      {shift the substring}
+@y
+str_room(sp_end - sp_ptr);
+while (sp_ptr < sp_end) do                      {shift the substring}
+@z
+
 % [459] Eliminate unreferenced statement label, because `undefined' is
 % now a constant expression that is not evaluated at the Web level. If
 % this label were ever required, it could be replaced by the constant