Deal with integer overflow bug in recent variable length lookbehind c…

…ode. Fixes ClusterFuzz 61627.

src/pcre2_compile.c

@@ -9658,8 +9658,8 @@ for (;; pptr++)
     if (max != REPEAT_UNLIMITED)
       {
       if (lastitemlength != 0 &&  /* Should not occur, but just in case */
-          min != 0 &&
-          INT_MAX/lastitemlength < max - 1)
+          max != 0 &&
+          (INT_MAX - branchlength)/lastitemlength < max - 1)
         {
         *errcodeptr = ERR87;  /* Integer overflow; lookbehind too big */
         return -1;

testdata/testinput2

@@ -5973,4 +5973,6 @@ a)"xI
 
 /(?<=(()()()()()()()()()()()()()(()()()()(())()()()()(()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()(())()()()()(()()()()()()(()()()()()()()()()()()()()()()()()()()()()(())()()()()(()()()()()()()()()()()()()(()()()()()()()()()()()()()(()())))))))))/
 
+/(?<!( {65054}){0,44965})/auto_callout
+
 # End of testinput2

testdata/testoutput2

@@ -17803,6 +17803,9 @@ Failed: error 187 at offset 0: lookbehind assertion is too long
 
 /(?<=(()()()()()()()()()()()()()(()()()()(())()()()()(()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()(())()()()()(()()()()()()(()()()()()()()()()()()()()()()()()()()()()(())()()()()(()()()()()()()()()()()()()(()()()()()()()()()()()()()(()())))))))))/
 
+/(?<!( {65054}){0,44965})/auto_callout
+Failed: error 187 at offset 0: lookbehind assertion is too long
+
 # End of testinput2
 Error -70: PCRE2_ERROR_BADDATA (unknown error number)
 Error -62: bad serialized data