raster-interpret.c: Verify base for strtol()

Input for `atoi()` can be bad number for argument `base` in `strtol()`,
causing returning an incorrect pointer address and later segfault.

Break out from function if the base is incorrect.

Fixes OpenPrinting#1188

Author: zdohnal

cups/raster-interpret.c

@@ -1041,7 +1041,8 @@ scan_ps(_cups_ps_stack_t *st,		/* I  - Stack */
 			*cur,		/* Current position */
 			*valptr,	/* Pointer into value string */
 			*valend;	/* End of value string */
-  int			parens;		/* Parenthesis nesting level */
+  int			parens,		/* Parenthesis nesting level */
+			base;		/* Numeric base for strtol() */
 
 
   if (!*ptr)
@@ -1302,7 +1303,16 @@ scan_ps(_cups_ps_stack_t *st,		/* I  - Stack */
 	  * Integer with radix...
 	  */
 
-          obj.value.number = strtol(cur + 1, &cur, atoi(start));
+	  base = atoi(start);
+
+	 /*
+	  * strtol() takes 0 or 2 to 32 as base...
+	  */
+
+	  if (base != 0 && (base < 2 || base > 32))
+	    return (NULL);
+
+	  obj.value.number = strtol(cur + 1, &cur, base);
 	  break;
 	}
 	else if (strchr(".Ee()<>[]{}/%", *cur) || isspace(*cur & 255))