Buffer read out of bounds in derenc.c?
rndmcgu11 commented
In file https://github.com/microsoft/RIoT/blob/master/Reference/RIoT/RIoTCrypt/derenc.c, line 291:
negative = Val[numLeadingZeros] >= 128;
This function is called by DerAddInteger like this:
long valx = htonl(Val); // TODO: REMOVE USAGE
int res = DERAddIntegerFromArray(Context, (uint8_t*)&valx, 4);
Suppose long is 32 bytes and the value of Val is 0; then numLeadingZeros = 4,
so Val[4] is read, but this is the 5th byte, so it is out of bounds.
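
A bounds-safe form of the leading-zero scan this issue describes, as an added example that is not part of the issue and is not RIoT's code. The function name `der_encode_uint`, its signature and the sample input are hypothetical; the scan stops one byte before the end, so an all-zero input encodes as `02 01 00` without indexing past the buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not from RIoT): encode a big-endian unsigned
 * integer as a DER INTEGER (tag 0x02, short-form length) into out.
 * Returns the number of bytes written, or -1 on bad input or no room. */
int der_encode_uint(const uint8_t *val, size_t n, uint8_t *out, size_t cap)
{
    size_t zeros = 0, p = 0, len, i;
    int pad;

    /* n <= 126 keeps the content length (n + optional pad) below 128. */
    if (val == NULL || out == NULL || n == 0 || n > 126)
        return -1;

    /* Stop at n - 1: the last byte is always kept, so val[zeros] below
     * can never index past the buffer, even when every byte is zero. */
    while (zeros < n - 1 && val[zeros] == 0)
        zeros++;

    /* High bit set means DER would read the value as negative,
     * so a 0x00 byte is prepended. */
    pad = val[zeros] >= 128;
    len = (n - zeros) + (size_t)pad;
    if (cap < 2 + len)
        return -1;

    out[p++] = 0x02;            /* INTEGER tag */
    out[p++] = (uint8_t)len;    /* short-form length */
    if (pad)
        out[p++] = 0x00;
    for (i = zeros; i < n; i++)
        out[p++] = val[i];
    return (int)p;
}

int main(void)
{
    /* Constructed input: the all-zero 4-byte case from the issue. */
    const uint8_t zero[4] = {0, 0, 0, 0};
    uint8_t out[8];
    int n = der_encode_uint(zero, sizeof zero, out, sizeof out);
    for (int i = 0; i < n; i++)
        printf("%02x ", out[i]);
    printf("\n");
    return 0;
}
```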