oss-sec mailing list archives

Infinite loops parsing malicious DER certificates in libtasn1 4.7


From: Pascal Cuoq <cuoq () trust-in-soft com>
Date: Mon, 11 Apr 2016 08:42:15 +0000

The libtasn1 library, in its 4.7 version, can loop for a long time or indefinitely when it is used to parse DER 
representations of X509 certificates, leading to a denial of service. Some of these loops may in addition increase heap 
or stack usage, leading to more issues.

These issues were found by Pascal Cuoq and Miod Vallat using american fuzzy lop. They are fixed in libtasn1 version 4.8.

Proof of concept, using the test files distributed in http://ftp.gnu.org/gnu/libtasn1/libtasn1-4.8.tar.gz:

~/libtasn1-4.8 $ asn1Decoding -v
asn1Decoding (libtasn1) 4.7
…
~/libtasn1-4.8 $ asn1Decoding tests/pkix.asn tests/invalid-x509/id-000000.der PKIX1.Certificate
tests/pkix.asn:332: Warning: VisibleString is a built-in ASN.1 type.
tests/pkix.asn:334: Warning: NumericString is a built-in ASN.1 type.
tests/pkix.asn:336: Warning: IA5String is a built-in ASN.1 type.
tests/pkix.asn:338: Warning: TeletexString is a built-in ASN.1 type.
tests/pkix.asn:340: Warning: PrintableString is a built-in ASN.1 type.
tests/pkix.asn:342: Warning: UniversalString is a built-in ASN.1 type.
tests/pkix.asn:345: Warning: BMPString is a built-in ASN.1 type.
tests/pkix.asn:349: Warning: UTF8String is a built-in ASN.1 type.
Parse: done.
^C
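As an added defender-side illustration (not libtasn1's code and not the fix shipped in 4.8), the following minimal DER TLV walker in C shows the checks that keep a parser of untrusted certificates from looping or recursing without bound: each iteration consumes at least the tag byte, every claimed length is compared against the bytes actually remaining, indefinite and non-minimal lengths are rejected, and nesting depth is capped. The `der_*` names and the embedded sample encoding are constructed for this example, not taken from libtasn1 or its test suite.

```c
#include <stddef.h>
#include <stdint.h>

/* Outcome of walking one buffer of untrusted DER. */
enum der_status { DER_OK = 0, DER_TRUNCATED, DER_BAD_LENGTH, DER_BAD_TAG, DER_TOO_DEEP };

/* Decode one length field at buf[*pos]. Rejects the indefinite form (0x80), lengths
   wider than size_t, and non-minimal long forms: none of them are valid DER. */
static int der_read_length(const uint8_t *buf, size_t len, size_t *pos, size_t *out)
{
    if (*pos >= len) return DER_TRUNCATED;
    uint8_t first = buf[(*pos)++];
    if (first < 0x80) { *out = first; return DER_OK; }            /* short form */
    size_t n = first & 0x7f;
    if (n == 0 || n > sizeof(size_t)) return DER_BAD_LENGTH;      /* 0x80 = indefinite */
    if (n > len - *pos) return DER_TRUNCATED;                     /* length bytes missing */
    size_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | buf[(*pos)++];
    if (v < 0x80 || (n > 1 && v < ((size_t)1 << (8 * (n - 1))))) return DER_BAD_LENGTH;
    *out = v; return DER_OK;
}

/* Walk every TLV in buf[0..len), descending into constructed types. Each iteration
   consumes at least the tag byte so the loop always advances, every claimed length is
   checked against the bytes remaining before it is trusted, and nesting depth is capped. */
static int der_walk(const uint8_t *buf, size_t len, int depth)
{
    if (depth > 32) return DER_TOO_DEEP;
    size_t pos = 0;
    while (pos < len) {
        uint8_t tag = buf[pos++];
        if ((tag & 0x1f) == 0x1f) return DER_BAD_TAG;             /* multi-byte tags: out of scope */
        size_t l; int st = der_read_length(buf, len, &pos, &l);
        if (st != DER_OK) return st;
        if (l > len - pos) return DER_TRUNCATED;                  /* claims more than remains */
        if (tag & 0x20) {                                         /* constructed: descend */
            st = der_walk(buf + pos, l, depth + 1);
            if (st != DER_OK) return st;
        }
        pos += l;
    }
    return DER_OK;
}

/* Validate a whole buffer; returns a der_status value. */
int der_check(const uint8_t *buf, size_t len) { return der_walk(buf, len, 0); }
/* Constructed sample (not from the libtasn1 test suite): a SEQUENCE claiming 16 content
   bytes when only 3 follow, the kind of inconsistency the walker must reject. */
static const uint8_t sample_truncated[] = { 0x30, 0x10, 0x02, 0x01, 0x05 };
```

A real certificate parser layers schema checks on top of this, but the length-versus-remaining comparison and the depth cap are the two guards that bound its running time and stack use on hostile input.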
