From 83151a65f35ab81dd2cadab248993e40c35e2e98 Mon Sep 17 00:00:00 2001
From: doublex <doppelbauer@gmx.net>
Date: Thu, 19 Apr 2018 19:45:26 +0200
Subject: [PATCH] buffer overflow (valgrind) (#159)

---
 src/userauth.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/userauth.c b/src/userauth.c
index c4c568fb..37a08dd6 100644
--- a/src/userauth.c
+++ b/src/userauth.c
@@ -491,7 +491,7 @@ memory_read_publickey(LIBSSH2_SESSION * session, unsigned char **method,
 
     sp1++;
 
-    sp2 = memchr(sp1, ' ', pubkey_len - (sp1 - pubkey - 1));
+    sp2 = memchr(sp1, ' ', pubkey_len - (sp1 - pubkey));
     if(sp2 == NULL) {
         /* Assume that the id string is missing, but that it's okay */
         sp2 = pubkey + pubkey_len;