From 9ff1a454ce97e7732cc14859918e028ff914d93a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@des.no>
Date: Sat, 9 Jan 2016 18:29:32 +0000
Subject: [PATCH] Fix off-by-one bug: we forgot to account for the terminating
 NUL when checking the length of the label.

git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@881 185d5e19-27fe-0310-9dcf-9bff6b9f3609
---
 lib/liboath/oath_key_create.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/liboath/oath_key_create.c b/lib/liboath/oath_key_create.c
index cf97edd..8a6f458 100644
--- a/lib/liboath/oath_key_create.c
+++ b/lib/liboath/oath_key_create.c
@@ -55,9 +55,9 @@ oath_key_create(const char *label,
 	struct oath_key *key;
 	int labellen;
 
-	/* check label */
+	/* check label length */
 	if (label == NULL ||
-	    (labellen = strlen(label)) > OATH_MAX_LABELLEN)
+	    (labellen = strlen(label)) >= OATH_MAX_LABELLEN)
 		return (NULL);
 
 	/* check key length */