* charset.c: Integer overflow fixes.
Don't rely on undefined behavior with signed left shift overflow. Don't assume unsigned int fits into fixnum, or that fixnum fits into unsigned int. Don't require max_code to be a valid fixnum; that's not true for gb10830 4-byte on a 32-bit host. Allow invalid_code to be a cons, for the same reason. Require code_offset to be a character. Avoid int overflow if max_char is close to INT_MAX. (CODE_POINT_TO_INDEX): On 32-bit hosts, return int, not unsigned; this is intended anyway and avoids some undefined behavior. (load_charset_map): Pass unsigned, not int, as 2nd arg of INDEX_TO_CODE_POINT, as that's what it expects. (Funify_charset, encode_char): Don't stuff unsigned vals into int vars.
Showing with 45 additions and 32 deletions