The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string"s length, allowing attackers to cause a denial of service by crafting an input file with certain translation dictionaries.