|Summary||QQ remote DoS|
|Discovered By||Ka-Hing Cheung|
|Fixed In Release||2.5.6|
decrypt_out() always writes 8 bytes past the supplied buffer, which is always
allocated on the stack. We don’t believe this can cause anything outside of a
decrypt_out() is fixed to not write past the end of the buffer.