nts: check for negative length in NNA_DecryptAuthEF()

As other functions that accept a signed length, make sure it is sane in
NNA_DecryptAuthEF() too.

nts_ntp_auth.c

@@ -128,6 +128,9 @@ NNA_DecryptAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv, in
   void *ef_body;
   struct AuthHeader *header;
 
+  if (buffer_length < 0)
+    return 0;
+
   if (!NEF_ParseField(packet, info->length, ef_start,
                       NULL, &ef_type, &ef_body, &ef_body_length))
     return 0;

test/unit/nts_ntp_auth.c

@@ -82,6 +82,10 @@ test_unit(void)
     TEST_CHECK(r);
     TEST_CHECK(info.length - packet_length >= min_ef_length);
 
+    r = NNA_DecryptAuthEF(&packet, &info, siv, packet_length, plaintext2,
+                          -1, &plaintext2_length);
+    TEST_CHECK(!r);
+
     r = NNA_DecryptAuthEF(&packet, &info, siv, packet_length, plaintext2,
                           sizeof (plaintext2), &plaintext2_length);
     TEST_CHECK(r);