Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string.

Read More