[2019-06-19] - Found with American Fuzzy Lop - CVE-2019-14274

Heap-based Buffer Overflow in the do_msg() function, in support.c.

Issue can be reproduced by running:

```
mcpp test-do_msg01
```

```
=================================================================
==10413==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000001d8 at pc 0x00000055ca6a bp 0x7fffb81dfbf0 sp 0x7fffb81dfbe8
WRITE of size 1 at 0x6020000001d8 thread T0
    #0 0x55ca69 in do_msg /home/fcambus/mcpp-2.7.2/src/support.c:2514:23
    #1 0x54eed9 in cerror /home/fcambus/mcpp-2.7.2/src/support.c:2633:5
    #2 0x553456 in scan_quote /home/fcambus/mcpp-2.7.2/src/support.c:867:21
    #3 0x55a22e in parse_line /home/fcambus/mcpp-2.7.2/src/support.c:1758:22
    #4 0x550214 in get_ch /home/fcambus/mcpp-2.7.2/src/support.c:1580:13
    #5 0x513c1b in mcpp_main /home/fcambus/mcpp-2.7.2/src/main.c:626:17
    #6 0x513396 in main /home/fcambus/mcpp-2.7.2/src/main.c:421:5
    #7 0x7f2b6ef38b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #8 0x41a149 in _start (/home/fcambus/mcpp-verif/mcpp+0x41a149)

0x6020000001d8 is located 0 bytes to the right of 8-byte region [0x6020000001d0,0x6020000001d8)
allocated by thread T0 here:
    #0 0x4da000 in malloc (/home/fcambus/mcpp-verif/mcpp+0x4da000)
    #1 0x55c21b in do_msg /home/fcambus/mcpp-2.7.2/src/support.c:2459:35
    #2 0x54eed9 in cerror /home/fcambus/mcpp-2.7.2/src/support.c:2633:5
    #3 0x553456 in scan_quote /home/fcambus/mcpp-2.7.2/src/support.c:867:21
    #4 0x55a22e in parse_line /home/fcambus/mcpp-2.7.2/src/support.c:1758:22
    #5 0x550214 in get_ch /home/fcambus/mcpp-2.7.2/src/support.c:1580:13
    #6 0x513c1b in mcpp_main /home/fcambus/mcpp-2.7.2/src/main.c:626:17
    #7 0x513396 in main /home/fcambus/mcpp-2.7.2/src/main.c:421:5
    #8 0x7f2b6ef38b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/fcambus/mcpp-2.7.2/src/support.c:2514:23 in do_msg
Shadow bytes around the buggy address:
  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff8000: fa fa 00 06 fa fa fd fd fa fa 00 07 fa fa fd fa
  0x0c047fff8010: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
  0x0c047fff8020: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
=>0x0c047fff8030: fa fa fd fa fa fa fd fa fa fa 00[fa]fa fa fa fa
  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8070: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8080: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==10413==ABORTING
```
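A crash-triage helper, added here as an example (it is not part of the advisory or of mcpp), that pulls the facts a fuzzing triage queue keys on out of the AddressSanitizer report above: error kind, access type and size, distance from the allocated region, and the first project frame of both the faulting and the allocating stack. The `/src/` path hint used to skip allocator and libc frames is an assumed convention.

```python
import re

# Excerpt of the ASan report quoted in the advisory, reduced to the lines the
# parser consumes (sample input embedded for a stand-alone run).
SAMPLE_REPORT = """\
==10413==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000001d8 at pc 0x00000055ca6a bp 0x7fffb81dfbf0 sp 0x7fffb81dfbe8
WRITE of size 1 at 0x6020000001d8 thread T0
    #0 0x55ca69 in do_msg /home/fcambus/mcpp-2.7.2/src/support.c:2514:23
    #1 0x54eed9 in cerror /home/fcambus/mcpp-2.7.2/src/support.c:2633:5
0x6020000001d8 is located 0 bytes to the right of 8-byte region [0x6020000001d0,0x6020000001d8)
allocated by thread T0 here:
    #0 0x4da000 in malloc (/home/fcambus/mcpp-verif/mcpp+0x4da000)
    #1 0x55c21b in do_msg /home/fcambus/mcpp-2.7.2/src/support.c:2459:35
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/fcambus/mcpp-2.7.2/src/support.c:2514:23 in do_msg
"""

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: (?P<kind>[\w-]+) on address (?P<addr>0x[0-9a-f]+)")
ACCESS_RE = re.compile(r"^(?P<op>READ|WRITE) of size (?P<size>\d+) at")
REGION_RE = re.compile(r"is located (?P<off>\d+) bytes to the (?P<side>left|right) of (?P<rsize>\d+)-byte region")
FRAME_RE = re.compile(r"#(?P<n>\d+) 0x[0-9a-f]+ in (?P<func>\S+) (?P<loc>\S+)")


def parse_asan_report(text):
    """Return a dict of triage facts; frames before 'allocated by' belong to the
    faulting access, frames after it to the allocation site."""
    info = {"fault_frames": [], "alloc_frames": []}
    frames = info["fault_frames"]
    for line in text.splitlines():
        line = line.strip()
        if m := ERROR_RE.search(line):
            info["kind"], info["address"] = m["kind"], m["addr"]
        elif m := ACCESS_RE.match(line):
            info["access"], info["size"] = m["op"], int(m["size"])
        elif m := REGION_RE.search(line):
            info["offset"], info["side"] = int(m["off"]), m["side"]
            info["region_size"] = int(m["rsize"])
        elif line.startswith("allocated by"):
            frames = info["alloc_frames"]  # switch to the allocation stack
        elif m := FRAME_RE.match(line):
            frames.append((m["func"], m["loc"]))
    return info


def first_project_frame(frames, path_hint="/src/"):
    """First frame inside project code (skips malloc/libc/_start frames).
    path_hint is an assumed layout convention, not something ASan defines."""
    for func, loc in frames:
        if path_hint in loc:
            return func, loc
    return None
```

For this report the helper yields a one-byte write immediately past an 8-byte heap region, with both the write and the allocation inside do_msg, which is the pairing a triager checks first when deciding whether the allocation size or the write loop is at fault.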