Read past end of string for strings with incorrect length without failure
`cbor-x` appears to be reading past the end of a string data item, when the string's length was incorrectly specified.
In the following example the bytes encode a string with length one and two empty map data items:
```js
import {decodeMultiple} from 'cbor-x';
console.info(decodeMultiple(new Uint8Array([0x61, 0xdb, 0xa0, 0xa0])));
```
The output here is two data items: One string and one empty map.
The expected outcome would have been an exception. The problem here is that the UTF-8 leading byte `0xdb` indicates that it requires a continuation byte. Rather than just reading that, `cbor-x` should instead report an error, as the string data item should have indicated a length of 2 instead of 1.
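
The check the report asks for, as an added example that is not code from cbor-x or from the report: a strict reader for a single CBOR text string that decodes exactly the declared number of bytes with a fatal `TextDecoder`, so a sequence cut short by the declared length is rejected. `readTextString` and `SAMPLE` are hypothetical names chosen for this sketch.

```javascript
// Added example: strict decoding of one CBOR text string (major type 3).
// readTextString is a hypothetical helper, not part of cbor-x.
function readTextString(bytes, offset = 0) {
  if (offset >= bytes.length) throw new RangeError('no data item at offset');
  const initial = bytes[offset];
  const majorType = initial >> 5;   // top 3 bits
  const info = initial & 0x1f;      // low 5 bits: length argument
  if (majorType !== 3) throw new TypeError('not a text string');

  // Length argument: 0..23 inline; 24/25/26 mean 1/2/4 length bytes follow.
  let length;
  let start = offset + 1;
  if (info < 24) {
    length = info;
  } else if (info <= 26) {
    const n = 1 << (info - 24);
    if (start + n > bytes.length) throw new RangeError('truncated length');
    length = 0;
    for (let i = 0; i < n; i++) length = length * 256 + bytes[start + i];
    start += n;
  } else {
    throw new RangeError('length encoding not handled in this example');
  }

  const end = start + length;
  if (end > bytes.length) throw new RangeError('declared length exceeds input');

  // Decode only the declared bytes. fatal:true throws a TypeError on malformed
  // or incomplete UTF-8 instead of borrowing bytes from the next data item.
  const decoder = new TextDecoder('utf-8', { fatal: true, ignoreBOM: true });
  const value = decoder.decode(bytes.subarray(start, end));
  return { value, next: end };      // next = offset of the following data item
}

// Bytes from the report above: declared length 1, lead byte 0xdb, two empty maps.
const SAMPLE = new Uint8Array([0x61, 0xdb, 0xa0, 0xa0]);

function sampleIsRejected() {
  try {
    readTextString(SAMPLE);
    return false;
  } catch (err) {
    return err instanceof TypeError;
  }
}
```

With a declared length of 2 (`0x62, 0xdb, 0xa0`) the same bytes decode as one valid two-byte character, which is the read the report describes happening when the declared length is 1.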