Suricata

in src/reputation.c there is 2 places where:
while (isspace((unsigned char)line[--len]));
immediately followed by
len = strlen(line);
this while() is useless and dungerous, because it can lead to access memory before the buffer
if line contains all whitespace characters and the first one is not '\n'/'\r'/'\t' or ' ' (i.e. 0x0c)