Integer overflow in the decode_digit function in puny_decode.c in Libidn2before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.