IMFreedom Security

Description

The previous fix to CVE-2008-2927 was deemed incomplete. The size check improperly cast an uint64 to size_t which can cause an integer overflow, rendering the check useless.

Mitigation

The proper variable type is now used when doing size comparison. Additionally, the malformed message is now properly discarded.