diff --git a/changelogs/unreleased/gh-8502-fix-buffer-overflow-in-tnt_strptime.md b/changelogs/unreleased/gh-8502-fix-buffer-overflow-in-tnt_strptime.md
new file mode 100644
index 0000000000000000000000000000000000000000..104e22ca52d68a1c5d5e1833ecdacf06b638af85
--- /dev/null
+++ b/changelogs/unreleased/gh-8502-fix-buffer-overflow-in-tnt_strptime.md
@@ -0,0 +1,3 @@
+## bugfix/datetime
+
+* Fixed a bug with buffer overflow in tnt_strptime (gh-8502).
diff --git a/src/lib/tzcode/strptime.c b/src/lib/tzcode/strptime.c
index b208e2b965aa4df2dd3753c855237445297e1d4f..4cc4351fc9ff8b0523bfe504aaacb9b370638ad2 100644
--- a/src/lib/tzcode/strptime.c
+++ b/src/lib/tzcode/strptime.c
@@ -125,9 +125,11 @@ tnt_strptime(const char *__restrict buf, const char *__restrict fmt,
 c = *ptr++;
 
 if (c != '%') {
- if (isspace((u_char)c))
+ /* Eat up white-space in buffer and in format. */
+ if (isspace((u_char)c)) {
 while (*buf != 0 && isspace((u_char)*buf))
 buf++;
+ }
 else if (c != *buf++)
 return NULL;
 continue;
@@ -661,9 +663,10 @@ tnt_strptime(const char *__restrict buf, const char *__restrict fmt,
 if ((flags & (FLAG_YEAR | FLAG_YDAY)) == (FLAG_YEAR | FLAG_YDAY)) {
 if (!(flags & FLAG_MONTH)) {
 i = 0;
- while (tm->tm_yday >=
- start_of_month[isleap(tm->tm_year +
- TM_YEAR_BASE)][i])
+ while (i <= 12 &&
+ tm->tm_yday >=
+ start_of_month[isleap(tm->tm_year +
+ TM_YEAR_BASE)][i])
 i++;
 if (i > 12) {
 i = 1;
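Review bot: The comment added above `if (isspace((u_char)c))` in the first strptime.c hunk says white-space is eaten "in buffer and in format", but the visible loop only advances `buf`; the format side moves one character per iteration through `c = *ptr++`. A wording that matches the code would be `/* A white-space character in the format matches zero or more white-space characters in the buffer. */`. The added `}` also sits on its own line ahead of the unchanged `else if`, which reads as a detached `else`; `} else if (c != *buf++)` is easier to follow. The enclosing loop starts and ends outside the hunk.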
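Review bot: The new bound `i <= 12` in the `while` condition of the second strptime.c hunk hard-codes the last index of `start_of_month`, whose declaration is outside this hunk, so the guard stops protecting the table read if the array's second dimension ever changes. Deriving the limit from the array keeps the two tied together, for example `while (i < (int)(sizeof(start_of_month[0]) / sizeof(start_of_month[0][0])) &&` (assuming `i` is an `int`), with the following `if (i > 12)` adjusted to match. A short comment such as `/* tm_yday may lie past the last table entry; stop before indexing out of bounds. */` would record why the bound exists. No regression test is visible in this diff; one that parses a day-of-year beyond the length of the given year would pin the fix. The enclosing function starts and ends outside the hunk.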