#4 fails to decrypt padded files

open
nobody
None
5
2011-05-24
2011-05-24
No

There is a flaw in `padInput`, which calls `realloc` without accounting for the 2 extra bytes added in `attachKey`. This makes the allocated memory for the input 2 bytes short, which will then get overwritten and then fail to decrypt (or crash). It's easy to test by encrypting readme-win32.txt.

Note: the win32 exe provided does not fail. Perhaps the source was already fixed but not updated, or the exe was compiled with a different version which padded out the heaps, hiding the flaw. (I'm using VC9 to compile.)
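The sizing error described in the report, sketched as an added example (not the project's code and not part of the original ticket). The buffer layout, the 16-byte block size, and the names `required_size`, `flawed_size` and `pad_input` are assumptions; only the 2 trailing bytes come from the report.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BLOCK     16u  /* assumed block size */
#define KEY_EXTRA 2u   /* the 2 bytes the report says attachKey adds */

/* Bytes needed once the data is padded to a block multiple and the
   trailer is kept. Returns 0 on arithmetic overflow. */
size_t required_size(size_t data_len) {
    if (data_len > SIZE_MAX - (BLOCK - 1) - KEY_EXTRA) return 0;
    size_t padded = (data_len + BLOCK - 1) / BLOCK * BLOCK;
    return padded + KEY_EXTRA;
}

/* Size that forgets the trailer: the under-allocation the report describes. */
size_t flawed_size(size_t data_len) {
    return (data_len + BLOCK - 1) / BLOCK * BLOCK;
}

/* *buf holds data_len data bytes followed by KEY_EXTRA trailer bytes.
   Grows it, zero-pads the data and moves the trailer after the padding.
   Returns the new total size, or 0 on failure (buffer left untouched). */
size_t pad_input(unsigned char **buf, size_t data_len) {
    size_t need = required_size(data_len);
    if (need == 0) return 0;
    unsigned char *p = realloc(*buf, need);
    if (p == NULL) return 0;                 /* old block is still valid */
    size_t padded = need - KEY_EXTRA;
    memmove(p + padded, p + data_len, KEY_EXTRA);  /* regions may overlap */
    memset(p + data_len, 0, padded - data_len);
    *buf = p;
    return need;
}

int main(void) {
    size_t n = 10;  /* constructed sample length */
    printf("flawed=%zu required=%zu\n", flawed_size(n), required_size(n));
    return 0;
}
```

Building a reproduction with AddressSanitizer (or a debug heap) makes the 2-byte overrun fail deterministically, whereas a release heap may hide it behind allocator slack.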
