common: Protect against a theoretical integer overflow in tlv.c

* common/tlv.c (parse_ber_header): Protect agains integer overflow.

Although there is no concrete case where we use the (nhdr + length),
it is better to protect against this already here.