Subject: Fix casts and bounds check (found by oss-fuzz)
Origin: FILE5_36-1-gecca6e54 <https://github.com/file/file/commit/FILE5_36-1-gecca6e54>
Upstream-Author: Christos Zoulas <christos@zoulas.com>
Date: Wed Feb 20 16:15:47 2019 +0000

--- a/src/encoding.c
+++ b/src/encoding.c
@@ -442,9 +442,9 @@
 		/* XXX fix to properly handle chars > 65536 */
 
 		if (bigend)
-			ubf[(*ulen)++] = bf[i + 1] + 256 * bf[i];
+			ubf[(*ulen)++] = bf[i + 1] + (bf[i] << 8);
 		else
-			ubf[(*ulen)++] = bf[i] + 256 * bf[i + 1];
+			ubf[(*ulen)++] = bf[i] + (bf[i + 1] << 8);
 
 		if (ubf[*ulen - 1] == 0xfffe)
 			return 0;
@@ -475,15 +475,17 @@
 
 	*ulen = 0;
 
-	for (i = 4; i + 1 < nbytes; i += 4) {
+	for (i = 4; i + 3 < nbytes; i += 4) {
 		/* XXX fix to properly handle chars > 65536 */
 
 		if (bigend)
 			ubf[(*ulen)++] = bf[i + 3] | (bf[i + 2] << 8)
-			    | (bf[i + 1] << 16) | bf[i] << 24;
+			    | (bf[i + 1] << 16)
+			    | CAST(unichar, bf[i] << 24);
 		else
 			ubf[(*ulen)++] = bf[i] | (bf[i + 1] << 8) 
-			    | (bf[i + 2] << 16) | (bf[i + 3] << 24);
+			    | (bf[i + 2] << 16)
+			    | CAST(unichar, bf[i + 3] << 24);
 
 		if (ubf[*ulen - 1] == 0xfffe)
 			return 0;