Evas/cserve2: Add some safety checks when reading socket messages

Fixes CID 1039571 and 1039572.

src/bin/evas/dummy_slave.c

@@ -23,6 +23,10 @@ command_read(int fd, Slave_Command *cmd, void **params)
    if (ret < (int)sizeof(int) * 2)
      return EINA_FALSE;
 
+   if(!((ints[0] > 0) && (ints[0] <= 0xFFFF) &&
+        (ints[1] >= 0) && (ints[1] < SLAVE_COMMAND_LAST)))
+     return EINA_FALSE;
+
    size = ints[0];
    buf = malloc(size);
    if (!buf) return EINA_FALSE;

src/bin/evas/evas_cserve2.h

@@ -99,7 +99,8 @@ typedef enum {
    FONT_LOAD,
    FONT_GLYPHS_LOAD,
    SLAVE_QUIT,
-   ERROR
+   ERROR,
+   SLAVE_COMMAND_LAST
 } Slave_Command;
 
 struct _Slave_Msg_Image_Open {

src/bin/evas/evas_cserve2_slave.c

@@ -188,6 +188,9 @@ command_read(int fd, Slave_Command *cmd, void **params)
    if (ret < (int)sizeof(int) * 2)
      return EINA_FALSE;
 
+   EINA_SAFETY_ON_FALSE_RETURN_VAL((ints[0] > 0) && (ints[0] <= 0xFFFF), EINA_FALSE);
+   EINA_SAFETY_ON_FALSE_RETURN_VAL((ints[1] >= 0) && (ints[1] < SLAVE_COMMAND_LAST), EINA_FALSE);
+
    size = ints[0];
    buf = malloc(size);
    if (!buf) return EINA_FALSE;