The function USBH_CDC_Receive should check that the parameter length is a multiple of endpoint size.
Reason for this that CDC_ProcessReception calls USBH_BulkReceiveData with the argument CDC_Handle->DataItf.InEpSize. So if the argument pbuff passed to USBH_CDC_Receive points to a buffer smaller than the endpoint size USBH_BulkReceiveData will write over the buffer end.
See also for a additional problem with CDC_ProcessReception.
EDIT:
Found another problem. "phost->pActiveClass->Name" is a argument but there is no "%s" in the format string.
USBH_DbgLog("Cannot Find the interface for Communication Interface Class.", phost->pActiveClass->Name);
Hope this is not a mistake of my side.
