I found there is a function " static const char *utf8_decode (const char *o, int *val) " in lutf8lib.c . This function can't known the boundary of string o . So it may cause the heap corruption.
For example, I can build a corruption utf8 string, when utf8 function call utf8_decode to read it , it may read the memory out of the string. Or it can't detect the utf8 string is invalid.
