Comment 2 for bug 78486

Here is a patch extracted from DSA-1247-1:

--- libapache-mod-auth-kerb-4.996-5.0-rc6.orig/spnegokrb5/der_get.c
+++ libapache-mod-auth-kerb-4.996-5.0-rc6/spnegokrb5/der_get.c
@@ -151,7 +151,7 @@
     if (len < 1)
        return ASN1_OVERRUN;

- data->components = malloc(len * sizeof(*data->components));
+ data->components = malloc((len + 1) * sizeof(*data->components));
     if (data->components == NULL && len != 0)
        return ENOMEM;
     data->components[0] = (*p) / 40;