Buffer overflows because on signed/unsigned type conversion.
vulners.com/securityvulns/securityvulns:doc:4311
vulners.com/securityvulns/securityvulns:doc:4312
vulners.com/securityvulns/securityvulns:doc:4313
vulners.com/securityvulns/securityvulns:doc:4314
vulners.com/securityvulns/securityvulns:doc:5123