Fix silent truncation of 64 bit length fields.

Description

* src/ber-help.h (MAX_SERIALNO_LENGTH): New.
(MAX_KEYID_DER_LENGTH): New.
(MAX_CERT_EXT_LENGTH): New.
* src/cms.c (ksba_cms_get_issuer_serial): Error out if the s/n exceeds
a limit.
* src/cert.c (ksba_cert_get_serial): Ditto.
(ksba_cert_get_auth_key_id): Ditto.  This also fixes a possible
corrupted s-exp due to an int overflow by a long on systems where this
differs.  Also check the keyid length.
(get_simple_octet_string_ext): Likewise.
  • GnuPG-bug-id: T8246
  • Reported-by: Dominik Blain Dupuis
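
The failure mode named in the commit message, as an added example that is not code from libksba or from this commit: a long-form BER length is read into 64 bits, then narrowed once without a check and once with an upper bound. The function names, the `EXAMPLE_MAX_LENGTH` value and the use of `uint32_t` to stand in for a 32-bit `int` are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical limit for this example; the value of libksba's
   MAX_SERIALNO_LENGTH is not shown on the page. */
#define EXAMPLE_MAX_LENGTH 2048u

/* Parse a definite-form BER length at buf. Returns 0 on success. */
static int read_ber_length(const unsigned char *buf, size_t n,
                           uint64_t *len, size_t *used)
{
    if (n == 0) return -1;
    if (!(buf[0] & 0x80)) { *len = buf[0]; *used = 1; return 0; }
    size_t cnt = buf[0] & 0x7f;          /* number of length octets */
    if (cnt == 0 || cnt > 8 || cnt >= n) /* indefinite, too wide, short */
        return -1;
    uint64_t v = 0;
    for (size_t i = 1; i <= cnt; i++)
        v = (v << 8) | buf[i];
    *len = v; *used = 1 + cnt;
    return 0;
}

/* Before: narrowing keeps only the low 32 bits, with no error. */
static uint32_t narrow_unchecked(uint64_t len) { return (uint32_t)len; }

/* After: refuse anything above the limit before narrowing. */
static int narrow_checked(uint64_t len, uint32_t *out)
{
    if (len > EXAMPLE_MAX_LENGTH) return -1;
    *out = (uint32_t)len;
    return 0;
}

/* Constructed sample: long-form length 0x0000000100000010. */
static const unsigned char sample[] =
    { 0x88, 0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x10 };

int main(void)
{
    uint64_t len; size_t used; uint32_t ok;
    if (read_ber_length(sample, sizeof sample, &len, &used)) return 1;
    printf("encoded=%llu unchecked=%u checked=%s\n",
           (unsigned long long)len, narrow_unchecked(len),
           narrow_checked(len, &ok) ? "rejected" : "accepted");
    return 0;
}
```

The unchecked path reports a 16-byte field for an encoded length of over 4 GiB, which is the silent truncation the subject line refers to; the checked path returns an error instead.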

Details