From 56668e6dca80813a2c9f03d4c02ed20e22f1061b Mon Sep 17 00:00:00 2001
From: simon <simon@cda61777-01e9-0310-a592-d414129be87e>
Date: Thu, 11 Jul 2013 17:24:01 +0000
Subject: [PATCH] Add another missing bounds check in the SSH-1 private key
 loader.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9904 cda61777-01e9-0310-a592-d414129be87e
---
 sshpubk.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sshpubk.c b/sshpubk.c
index bd3c5e47..b860040d 100644
--- a/sshpubk.c
+++ b/sshpubk.c
@@ -74,7 +74,7 @@ static int loadrsakey_main(FILE * fp, struct RSAKey *key, int pub_only,
     /* Next, the comment field. */
     j = GET_32BIT(buf + i);
     i += 4;
-    if (len - i < j)
+    if (j < 0 || len - i < j)
 	goto end;
     comment = snewn(j + 1, char);
     if (comment) {
-- 
2.11.0