libsepol: check for saturated class name length

Check the from the polciy read length value to guard allocations.

In the fuzzer build the value will also be bounded to avoid oom reports.

    ==143646==ERROR: AddressSanitizer: allocator is out of memory trying to allocate 0xd60000000 bytes
        #0 0x4dac18 in __interceptor_calloc (./out/binpolicy-fuzzer+0x4dac18)
        #1 0x55d388 in scope_index_read ./libsepol/src/policydb.c:3945:7
        #2 0x550097 in avrule_decl_read ./libsepol/src/policydb.c:3984:6
        #3 0x550097 in avrule_block_read ./libsepol/src/policydb.c:4044:8
        #4 0x54b3ac in policydb_read ./libsepol/src/policydb.c:4456:7
        #5 0x518fd9 in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:35:6
        #6 0x43f623 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (./out/binpolicy-fuzzer+0x43f623)
        #7 0x42910f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (./out/binpolicy-fuzzer+0x42910f)
        #8 0x42ee76 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (./out/binpolicy-fuzzer+0x42ee76)
        #9 0x458ff2 in main (./out/binpolicy-fuzzer+0x458ff2)
        #10 0x7fd37b7931c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16

Found by oss-fuzz (#42909)

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>

libsepol/src/policydb.c

@@ -3937,7 +3937,7 @@ static int scope_index_read(scope_index_t * scope_index,
 	if (rc < 0)
 		return -1;
 	scope_index->class_perms_len = le32_to_cpu(buf[0]);
-	if (scope_index->class_perms_len == 0) {
+	if (zero_or_saturated(scope_index->class_perms_len)) {
 		scope_index->class_perms_map = NULL;
 		return 0;
 	}