security issues in the library

[CoSunshine]

We find several security vulnerable issue in the used library: https://github.com/TrinityEmulator/TrinityEmulator/blob/main/ui/vnc.c#L3485 patched by https://github.com/qemu/qemu/commit/3f9c41c5df9617510d8533cf6588172efb3df34b

vnc: avoid underflow when accessing user-provided address If hostlen is zero, there is a possibility that addrstr[hostlen - 1] underflows and, if a closing bracked is there, hostlen - 2 is passed to g_strndup() on the next line. If websocket==false then addrstr[0] would be a colon, but if websocket==true this could in principle happen.

Fix it by checking hostlen.