Avoid reading past the end of buffer

CVE-2018-10360

https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22

--- a/src/readelf.c
+++ b/src/readelf.c
@@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
 
 				cname = (unsigned char *)
 				    &nbuf[doff + prpsoffsets(i)];
-				for (cp = cname; *cp && isprint(*cp); cp++)
+				for (cp = cname; cp < nbuf + size && *cp
+				    && isprint(*cp); cp++)
 					continue;
 				/*
 				 * Linux apparently appends a space at the end