utf8makevalid read out of bounds (+ other functions)

[JPDelprat]

Hello, It seems to me that utf8makevalid can read string to modify out of bounds :

while ('\0' != read) { if (0xf0 == (0xf8 & read)) { /* ensure each of the 3 following bytes in this 4-byte

• utf8 codepoint began with 0b10xxxxxx */ if ((0x80 != (0xc0 & read[1])) || (0x80 != (0xc0 & read[2])) || (0x80 != (0xc0 & read[3]))) {

=> it seems to me that we cannot be sure that read[1], [2] and [3] are not of bounds.

Regards,

PS : same problem in utf8codepoint and maybe other functions, but this is particularly important for utf8makevalid , because I can have any invaldi string as an input

[sheredom]

Good spot! Would happily accept a PR with testing.