diff --git a/ChangeLog b/ChangeLog
index a464096f1b..e8091eeb04 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Mon Feb 15 22:45:26 2010  Tanaka Akira  <akr@fsij.org>
+
+	* st.c (st_foreach): don't access ptr->hash after func call.
+	  It may access freed area.
+
 Mon Feb 15 22:25:16 2010  Tanaka Akira  <akr@fsij.org>
 
 	* ext/zlib/zlib.c (zlib_mem_alloc): suppress valgrind warnings.
diff --git a/st.c b/st.c
index 7a5509cbc9..ec518e936a 100644
--- a/st.c
+++ b/st.c
@@ -774,10 +774,10 @@ st_foreach(st_table *table, int (*func)(ANYARGS), st_data_t arg)
 
     if ((ptr = table->head) != 0) {
 	do {
+	    i = ptr->hash % table->num_bins;
 	    retval = (*func)(ptr->key, ptr->record, arg);
 	    switch (retval) {
 	      case ST_CHECK:	/* check if hash is modified during iteration */
-		i = ptr->hash % table->num_bins;
 		for (tmp = table->bins[i]; tmp != ptr; tmp = tmp->next) {
 		    if (!tmp) {
 			/* call func with error notice */