From ec76c24084e544a850785eb1d74c7a82189eea3f Mon Sep 17 00:00:00 2001
From: Jacob Nevins <jacobn@chiark.greenend.org.uk>
Date: Tue, 1 Mar 2005 23:48:45 +0000
Subject: [PATCH] Fix off-by-one in memory management of PPK reading routine,
 which could cause 1-byte buffer overflow when reading .PPK files with long
 lines (>=128 bytes in header value -- probably only happened in practice in
 the comment field).

[originally from svn r5427]
---
 sshpubk.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sshpubk.c b/sshpubk.c
index 166afbcb..bdd1a229 100644
--- a/sshpubk.c
+++ b/sshpubk.c
@@ -514,7 +514,7 @@ static char *read_body(FILE * fp)
 	    sfree(text);
 	    return NULL;
 	}
-	if (len + 1 > size) {
+	if (len + 1 >= size) {
 	    size += 128;
 	    text = sresize(text, size, char);
 	}
-- 
2.45.2