Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file.

A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice.