BdfReaderImpl accepts any string/raw length up to Integer.MAX_VALUE
This leads to a remotely triggerable OOM by sending, for example, a private message with the body 0x604406400000, which is the start of a BDF list containing a 100 MB string, causing the BdfReaderImpl to try to allocate a 100 MB buffer.
Edited by akwizgran