CVE-2017-13089: Wget Stack Overflow in Chunked Transfer Encoding Handler

GNU wget versions up to 1.19.1 contain a stack-based buffer overflow vulnerability in the skip_short_body() function when processing HTTP responses with chunked transfer encoding. The vulnerability occurs because chunk sizes are read using strtol() without validation for negative values. When a malicious HTTP server sends a negative chunk size (e.g., '-1' or '-ffffffff'), the resulting negative value is used as a size parameter to fd_read(), which implicitly casts it to unsigned. This causes the function to attempt reading an enormous amount of data into a 512-byte stack-allocated buffer, resulting in stack corruption and potential code execution.