Qpid Proton / PROTON-1360

pn_strndup (util.c:150) Invalid write of size 1

Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: proton-0.15.0, proton-0.16.0
    • Fix Version/s: proton-c-0.18.0
    • Component/s: proton-c
    • Labels: None

    Description

      nc -l 127.0.0.1 5672 < ./crash-cacbe90ba41be2fb116697da7a90bfd716812c7b
      

      On 0.15.0, do

      [qpid-proton-0.15.0/build/examples/c/messenger] $ valgrind ./recv 127.0.0.1/jms.queue.example
      ==5749== Memcheck, a memory error detector
      ==5749== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
      ==5749== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
      ==5749== Command: ./recv 127.0.0.1/jms.queue.example
      ==5749== 
      ==5749== Invalid write of size 1
      ==5749==    at 0x4C2D13C: __strncpy_sse2_unaligned (vg_replace_strmem.c:548)
      ==5749==    by 0x4E4AD80: pn_strndup (util.c:259)
      ==5749==    by 0x4E5A7BE: pn_bytes_strdup (transport.c:1153)
      ==5749==    by 0x4E5A7BE: pn_do_open (transport.c:1198)
      ==5749==    by 0x4E52B6A: pni_dispatch_action (dispatcher.c:74)
      ==5749==    by 0x4E52B6A: pni_dispatch_frame (dispatcher.c:116)
      ==5749==    by 0x4E52B6A: pn_dispatcher_input (dispatcher.c:135)
      ==5749==    by 0x4E5906B: pn_input_read_amqp (transport.c:2523)
      ==5749==    by 0x4E59129: transport_consume (transport.c:1799)
      ==5749==    by 0x4E5C971: pn_transport_process (transport.c:2908)
      ==5749==    by 0x4E646F3: pni_connection_readable (messenger.c:262)
      ==5749==    by 0x4E6482F: pn_messenger_process (messenger.c:1367)
      ==5749==    by 0x4E649E0: pn_messenger_tsync (messenger.c:1439)
      ==5749==    by 0x4E64F94: pn_messenger_recv (messenger.c:2212)
      ==5749==    by 0x4012A4: main (recv.c:131)
      ==5749==  Address 0x772d641 is 0 bytes after a block of size 1 alloc'd
      ==5749==    at 0x4C29BE3: malloc (vg_replace_malloc.c:299)
      ==5749==    by 0x4E4AD6A: pn_strndup (util.c:257)
      ==5749==    by 0x4E5A7BE: pn_bytes_strdup (transport.c:1153)
      ==5749==    by 0x4E5A7BE: pn_do_open (transport.c:1198)
      ==5749==    by 0x4E52B6A: pni_dispatch_action (dispatcher.c:74)
      ==5749==    by 0x4E52B6A: pni_dispatch_frame (dispatcher.c:116)
      ==5749==    by 0x4E52B6A: pn_dispatcher_input (dispatcher.c:135)
      ==5749==    by 0x4E5906B: pn_input_read_amqp (transport.c:2523)
      ==5749==    by 0x4E59129: transport_consume (transport.c:1799)
      ==5749==    by 0x4E5C971: pn_transport_process (transport.c:2908)
      ==5749==    by 0x4E646F3: pni_connection_readable (messenger.c:262)
      ==5749==    by 0x4E6482F: pn_messenger_process (messenger.c:1367)
      ==5749==    by 0x4E649E0: pn_messenger_tsync (messenger.c:1439)
      ==5749==    by 0x4E64F94: pn_messenger_recv (messenger.c:2212)
      ==5749==    by 0x4012A4: main (recv.c:131)
      ==5749== 
      Address: jms.queue.example
      Subject: (no subject)
      Content: "test message: 26"
      

      On 0.16.0 you can do

      [proactor]$ valgrind ./libuv_receive -a 127.0.0.1:5672/jms.queue.example -m 2
      ==26215== Memcheck, a memory error detector
      ==26215== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
      ==26215== Using Valgrind-3.12.0 and LibVEX; rerun with -h for copyright info
      ==26215== Command: ./libuv_receive -a 127.0.0.1:5672/jms.queue.example -m 2
      ==26215== 
      ==26215== Invalid write of size 1
      ==26215==    at 0x4C2E284: __strncpy_sse2_unaligned (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      ==26215==    by 0x4E4CF71: pn_strndup (util.c:150)
      ==26215==    by 0x4E5B0EE: pn_bytes_strdup (transport.c:1154)
      ==26215==    by 0x4E5B0EE: pn_do_open (transport.c:1199)
      ==26215==    by 0x4E53270: pni_dispatch_action (dispatcher.c:74)
      ==26215==    by 0x4E53270: pni_dispatch_frame (dispatcher.c:116)
      ==26215==    by 0x4E53270: pn_dispatcher_input (dispatcher.c:135)
      ==26215==    by 0x4E599BB: pn_input_read_amqp (transport.c:2524)
      ==26215==    by 0x4E59A89: transport_consume (transport.c:1800)
      ==26215==    by 0x4E5D115: pn_transport_process (transport.c:2909)
      ==26215==    by 0x404EBB: on_read (libuv_proactor.c:511)
      ==26215==    by 0x509A2FC: ??? (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x509AC0B: ??? (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x509F937: uv__io_poll (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x50912B3: uv_run (in /usr/lib/libuv.so.1.0.0)
      ==26215==  Address 0x69c28d1 is 0 bytes after a block of size 1 alloc'd
      ==26215==    at 0x4C2AB8D: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
      ==26215==    by 0x4E4CF5B: pn_strndup (util.c:148)
      ==26215==    by 0x4E5B0EE: pn_bytes_strdup (transport.c:1154)
      ==26215==    by 0x4E5B0EE: pn_do_open (transport.c:1199)
      ==26215==    by 0x4E53270: pni_dispatch_action (dispatcher.c:74)
      ==26215==    by 0x4E53270: pni_dispatch_frame (dispatcher.c:116)
      ==26215==    by 0x4E53270: pn_dispatcher_input (dispatcher.c:135)
      ==26215==    by 0x4E599BB: pn_input_read_amqp (transport.c:2524)
      ==26215==    by 0x4E59A89: transport_consume (transport.c:1800)
      ==26215==    by 0x4E5D115: pn_transport_process (transport.c:2909)
      ==26215==    by 0x404EBB: on_read (libuv_proactor.c:511)
      ==26215==    by 0x509A2FC: ??? (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x509AC0B: ??? (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x509F937: uv__io_poll (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x50912B3: uv_run (in /usr/lib/libuv.so.1.0.0)
      ==26215== 
      "test message: 26"
      
      ^C==26215== 
      ==26215== Process terminating with default action of signal 2 (SIGINT)
      ==26215==    at 0x5EB2F19: syscall (in /usr/lib/libc-2.24.so)
      ==26215==    by 0x50A1579: uv__epoll_wait (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x509F883: uv__io_poll (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x50912B3: uv_run (in /usr/lib/libuv.so.1.0.0)
      ==26215==    by 0x405514: pn_proactor_wait (libuv_proactor.c:709)
      ==26215==    by 0x403C9C: main (receive.c:194)
      ==26215== 
      ==26215== HEAP SUMMARY:
      ==26215==     in use at exit: 82,501 bytes in 737 blocks
      ==26215==   total heap usage: 860 allocs, 123 frees, 98,564 bytes allocated
      ==26215== 
      ==26215== LEAK SUMMARY:
      ==26215==    definitely lost: 0 bytes in 0 blocks
      ==26215==    indirectly lost: 0 bytes in 0 blocks
      ==26215==      possibly lost: 62,773 bytes in 733 blocks
      ==26215==    still reachable: 19,728 bytes in 4 blocks
      ==26215==         suppressed: 0 bytes in 0 blocks
      ==26215== Rerun with --leak-check=full to see details of leaked memory
      ==26215== 
      ==26215== For counts of detected and suppressed errors, rerun with: -v
      ==26215== ERROR SUMMARY: 6 errors from 1 contexts (suppressed: 0 from 0)
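
Added example, not part of the original report and not Proton's source: both traces show `strncpy` writing just past a 1-byte block allocated inside `pn_strndup`. The sketch below shows one pattern consistent with that trace, assumed here rather than confirmed by the page (block sized from the measured string length, copy bounded by the caller's `n`, so `strncpy`'s zero padding overruns), beside a hardened form; all function names and the sample input are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Length of src up to n bytes, stopping at the first NUL. */
static size_t bounded_len(const char *src, size_t n) {
    size_t size = 0;
    while (size < n && src[size] != '\0') size++;
    return size;
}

/* Unsafe pattern (assumed, hypothetical): the block holds size+1 bytes, but
 * strncpy(dest, src, n) always writes exactly n bytes, zero-padding after a
 * NUL. Returns how many bytes such a call would write past the block. */
size_t strncpy_overrun(const char *src, size_t n) {
    size_t alloc = bounded_len(src, n) + 1;
    return n > alloc ? n - alloc : 0;
}

/* Hardened form: copy only the bytes that were measured, then terminate. */
char *safe_strndup(const char *src, size_t n) {
    if (!src) return NULL;
    size_t size = bounded_len(src, n);
    char *dest = malloc(size + 1);
    if (!dest) return NULL;
    memcpy(dest, src, size);
    dest[size] = '\0';
    return dest;
}

int main(void) {
    /* Constructed input: a 7-byte field whose first byte is NUL. */
    static const char field[7] = {0, 'A', 'B', 'C', 'D', 'E', 'F'};
    printf("block=1 byte, strncpy would overrun by %zu bytes\n",
           strncpy_overrun(field, sizeof field));
    char *copy = safe_strndup(field, sizeof field);
    if (!copy) return 1;
    printf("safe copy length: %zu\n", strlen(copy));
    free(copy);
    return 0;
}
```

Running the hardened function under valgrind or AddressSanitizer with length-prefixed inputs that contain an embedded NUL is a quick regression check for this class of defect.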
      

          People

            Assignee: astitcher Andrew Stitcher
            Reporter: jdanek Jiri Daněk