Resolve buffer overflows in __pmDecodeNameList routine

__pmDecodeNameList fetches the number of bytes to allocate for storing
the incoming name strings from the PDU. The function does not check if
the strings provided later actually fit into the buffer, leading to a
heap-based buffer overflow.

In addition, __pmDecodeNameList does not properly check the length
of the status and names arrays against the PDU length, and does not
guard against integer overflow when calculating the malloc argument.
This leads to another heap-based buffer overflow.

Original report and fixes reviewed by Florian Weimer of the Red Hat
Security team. Red Hat bugzilla bug #840920.
Security advisory CVE-2012-3418.
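
The three checks the message above describes (strings fit the claimed buffer, array length fits the PDU, allocation size does not overflow), shown as an added example that is not code from this commit or from PCP. The wire layout, `decode_namelist` and `rd32` are hypothetical and chosen only for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical wire layout (an assumption, not PCP's real PDU format):
 *   uint32 numnames, uint32 nstrbytes, then numnames x { uint32 len, bytes }
 * nstrbytes is the sender's claim for total string storage incl. NULs. */
static int rd32(const uint8_t *p, size_t left, uint32_t *v)
{
    if (left < sizeof(*v)) return -1;
    memcpy(v, p, sizeof(*v));           /* host byte order, for brevity */
    return 0;
}

/* Returns a malloc'd array of numnames pointers with the strings packed
 * behind it, or NULL if the PDU is malformed. Caller frees the result. */
char **decode_namelist(const uint8_t *pdu, size_t len, uint32_t *count)
{
    uint32_t numnames, nstrbytes, namelen, i;
    size_t off = 8, used = 0;
    char **names, *dst;
    if (rd32(pdu, len, &numnames) < 0 || rd32(pdu + 4, len - 4, &nstrbytes) < 0)
        return NULL;
    /* Each name costs at least 4 PDU bytes, so the count is bounded by len. */
    if (numnames > (len - off) / 4)
        return NULL;
    /* Bound the claimed storage and guard the malloc argument from overflow. */
    if (nstrbytes > len || numnames > (SIZE_MAX - nstrbytes) / sizeof(char *))
        return NULL;
    names = malloc(numnames * sizeof(char *) + nstrbytes);
    if (names == NULL) return NULL;
    dst = (char *)&names[numnames];
    for (i = 0; i < numnames; i++) {
        if (rd32(pdu + off, len - off, &namelen) < 0) goto bad;
        off += 4;
        /* Must fit in the rest of the PDU and in the rest of the buffer. */
        if (namelen > len - off || namelen >= nstrbytes - used) goto bad;
        memcpy(dst + used, pdu + off, namelen);
        dst[used + namelen] = '\0';
        names[i] = dst + used;
        used += (size_t)namelen + 1;
        off += namelen;
    }
    *count = numnames;
    return names;
bad:
    free(names);
    return NULL;
}
```

The `namelen >= nstrbytes - used` test is the one that rejects a sender whose strings exceed the storage it declared up front.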