A fix addresses out-of-bounds (OOB) reads in the UGM tokenizer caused by improper handling of the `precompiled_charsmap`. The vulnerability allows heap-buffer-overflow attacks via malicious T5/UGM GGUF files.

  • Validate minimum size (4 bytes) before reading `xcda_blob_size`.
  • Replace unsafe `strlen` with a bounds-checked loop scanning for \0 within the remaining array size.
  • Move bounds checks to the load phase.

This change prevents potential memory corruption and security issues arising from malformed tokenizer data.