diff --git a/include/httpd.h b/include/httpd.h
index 228b81f172..29985d2594 100644
--- a/include/httpd.h
+++ b/include/httpd.h
@@ -1669,9 +1669,8 @@ AP_DECLARE(char *) ap_escape_path_segment_buffer(char *c, const char *s)
  * @param path The path to convert
  * @param partial if set, assume that the path will be appended to something
  *        with a '/' in it (and thus does not prefix "./").
- *        If not set, there will be one byte of additional space after the
- *        NUL, to allow the caller to append a '/'.
- * @return The converted URL
+ * @return The converted URL, with one byte of extra space after the NUL
+ *         to allow the caller to add a trailing '/'. 
  * @deprecated Replaced by apr_pescape_path() in APR
  */
 AP_DECLARE(char *) ap_os_escape_path(apr_pool_t *p, const char *path, int partial)
diff --git a/server/util.c b/server/util.c
index ad465845c1..af356b248c 100644
--- a/server/util.c
+++ b/server/util.c
@@ -1801,7 +1801,11 @@ AP_DECLARE(char *) ap_escape_path_segment(apr_pool_t *p, const char *segment)
 
 AP_DECLARE(char *) ap_os_escape_path(apr_pool_t *p, const char *path, int partial)
 {
-    char *copy = apr_palloc(p, 3 * strlen(path) + 3);
+    /* Allocate +3 for potential "./" and trailing NULL.
+     * Allocate another +1 to allow the caller to add a trailing '/' (see
+     * comment in 'ap_sub_req_lookup_dirent')
+     */
+    char *copy = apr_palloc(p, 3 * strlen(path) + 3 + 1);
     const unsigned char *s = (const unsigned char *)path;
     unsigned char *d = (unsigned char *)copy;
     unsigned c;