Integer overflow caused by incorrect operation in struct file. #3692

@quart27219

It seems like the b_unpack function in app/modules/struct.c has an integer overflow vulnerability.
The statement size_t pos = luaL_optinteger(L, 3, 1) - 1; causes an integer overflow leading to out-of-bounds access.

It might be triggered with the following script: return struct.unpack('f', "xxxxxxxxxxxxx",-3)

Please check the PR for this issue.
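
The arithmetic reported above, as an added example that is not code from the issue, the PR or the project: it shows how a negative position wraps when stored in a `size_t`, and one way to validate the position before using it. The function names, the `pos + size <= len` check and the 4-byte width of the `'f'` item are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Same arithmetic as the statement quoted in the issue: a signed, 1-based
 * Lua position becomes a 0-based size_t with no range check. */
static size_t naive_pos(long long lua_pos) {
    return (size_t)(lua_pos - 1);          /* -3 wraps to SIZE_MAX - 3 */
}

/* ASSUMED shape of a later bounds check (hypothetical, not taken from
 * struct.c): the addition wraps too, so a wrapped pos can pass. */
static int naive_in_bounds(size_t pos, size_t size, size_t len) {
    return pos + size <= len;
}

/* Hardened form: reject non-positive positions while the value is still
 * signed, then compare by subtraction so nothing can wrap.
 * Returns 1 and stores the 0-based offset in *out, or 0 to reject. */
static int checked_pos(long long lua_pos, size_t size, size_t len, size_t *out) {
    if (lua_pos < 1) return 0;
    unsigned long long p = (unsigned long long)lua_pos - 1;
    if (p > len) return 0;                 /* offset past end of data */
    if (size > len - (size_t)p) return 0;  /* item would run past end */
    *out = (size_t)p;
    return 1;
}

int main(void) {
    const size_t len = 13;   /* length of "xxxxxxxxxxxxx" from the issue */
    const size_t size = 4;   /* assumed width of the 'f' item */
    size_t pos = naive_pos(-3), safe = 0;

    printf("naive pos      = %zu (SIZE_MAX - 3)\n", pos);
    printf("naive check    = %d\n", naive_in_bounds(pos, size, len));
    printf("checked(-3)    = %d\n", checked_pos(-3, size, len, &safe));
    int ok = checked_pos(10, size, len, &safe);
    printf("checked(10)    = %d, offset %zu\n", ok, safe);
    return 0;
}
```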
