[2019-07-18] - Found with American Fuzzy Lop - CVE-2019-13952

Stack-based buffer overflow in the set_ipv6() function in zscan_rfc1035.rl. It can be triggered with the following zone-file record:

```
ns1.all.rr.org. IN AAAA 2001:67c:2e8:22::c100:68b:2001:67c:2e8:22::c100:68:2001:67c:2e8:22::c100:68b
```

Because set_ipv6() does no bounds checking, 'len' (the length of the scanned address token) can be larger than INET6_ADDRSTRLEN + 1, the size of the stack buffer it is copied into:

```c
static void set_ipv6(zscan_t* z, const char* end) {
    char txt[INET6_ADDRSTRLEN + 1];   /* fixed-size stack buffer for the address text */
    unsigned len = end - z->tstart;   /* token length, never compared against sizeof(txt) */
    memcpy(txt, z->tstart, len);      /* writes past txt when len > INET6_ADDRSTRLEN + 1 */
```

As previously, the parser will happily parse malformed IPv6 address strings spanning several gigabytes, so the length of the out-of-bounds write is attacker-controlled.
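The following is an added example, not gdnsd's code or the fix the project shipped: it places a stand-in for the unchecked copy above beside a bounded version, and runs the bounded one over the trigger record's AAAA rdata (taken from the entry above) and over a well-formed address. The scan_t struct, the _unchecked/_checked function names and the NUL-termination after the copy are assumptions made to keep the example self-contained.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Minimal stand-in for the scanner state (assumed; gdnsd's zscan_t has more fields). */
typedef struct {
    const char* tstart;      /* start of the token currently being scanned */
    struct in6_addr ipv6;    /* parsed address, valid only after a successful set */
} scan_t;

/* AAAA rdata from the trigger record on this page: 76 characters, far beyond the 47-byte buffer.
   Constructed test input; it is the address string, not the whole zone line. */
static const char* const TRIGGER_RDATA =
    "2001:67c:2e8:22::c100:68b:2001:67c:2e8:22::c100:68:2001:67c:2e8:22::c100:68b";

/* A well-formed address of the same shape (constructed). */
static const char* const VALID_RDATA = "2001:67c:2e8:22::c100:68b";

/* Vulnerable pattern, reproduced for contrast only. The copy length comes straight from the
   token boundaries and is never compared with sizeof(txt), so a long token overruns the stack
   buffer. Never call this with untrusted input; the example below only feeds it VALID_RDATA. */
static int set_ipv6_unchecked(scan_t* z, const char* end) {
    char txt[INET6_ADDRSTRLEN + 1];
    unsigned len = end - z->tstart;
    memcpy(txt, z->tstart, len);          /* overflow when len > sizeof(txt) */
    txt[len] = '\0';                      /* assumed: terminate before inet_pton() */
    return inet_pton(AF_INET6, txt, &z->ipv6) == 1;
}

/* Hardened form: reject the token before copying if it cannot fit together with its NUL.
   Any textual IPv6 address is at most INET6_ADDRSTRLEN - 1 characters, so a longer token is
   malformed by definition and can be refused without losing legitimate input. */
static int set_ipv6_checked(scan_t* z, const char* end) {
    char txt[INET6_ADDRSTRLEN + 1];
    size_t len = (size_t)(end - z->tstart);
    if (len >= sizeof(txt))               /* leaves room for the terminator */
        return 0;
    memcpy(txt, z->tstart, len);
    txt[len] = '\0';
    return inet_pton(AF_INET6, txt, &z->ipv6) == 1;   /* final validity check */
}

/* Convenience wrapper: scan a whole rdata string with the bounded parser. */
static int parse_aaaa_rdata(const char* rdata, struct in6_addr* out) {
    scan_t z;
    memset(&z, 0, sizeof z);
    z.tstart = rdata;
    int ok = set_ipv6_checked(&z, rdata + strlen(rdata));
    if (ok)
        *out = z.ipv6;
    return ok;
}

int main(void) {
    struct in6_addr a;
    char text[INET6_ADDRSTRLEN];
    printf("trigger (%zu chars) accepted: %d\n", strlen(TRIGGER_RDATA), parse_aaaa_rdata(TRIGGER_RDATA, &a));
    if (parse_aaaa_rdata(VALID_RDATA, &a) && inet_ntop(AF_INET6, &a, text, sizeof text))
        printf("valid accepted: %s\n", text);
    return 0;
}
```

The length check is what the original snippet lacks; inet_pton() alone would not have helped, because the overflow happens in the memcpy() before the address is ever validated.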