diff --git a/src/mbyte.c b/src/mbyte.c
index 9c0b18791..61a7d8bd6 100644
--- a/src/mbyte.c
+++ b/src/mbyte.c
@@ -3124,6 +3124,9 @@ mb_strnicmp(s1, s2, nn)
 		/* If one of the two characters is incomplete return -1. */
 		if (incomplete || i + utf_byte2len(s2[i]) > n)
 		    return -1;
+		/* Don't case-fold illegal bytes or truncated characters. */
+		if (utf_ptr2len(s1 + i) < l || utf_ptr2len(s2 + i) < l)
+		    return -1;
 		cdiff = utf_fold(utf_ptr2char(s1 + i))
 					     - utf_fold(utf_ptr2char(s2 + i));
 		if (cdiff != 0)
diff --git a/src/version.c b/src/version.c
index b334cdb16..3285341ee 100644
--- a/src/version.c
+++ b/src/version.c
@@ -714,6 +714,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    40,
 /**/
     39,
 /**/