resolv: Support an exactly sized buffer in ns_name_pack [BZ #21359]

This bug did not affect name resolution because those functions
indirectly call ns_name_pack with a buffer which is always larger
than the generated query packet, even in the case of the
longest-possible domain name.

resolv/ns_name.c

@@ -475,7 +475,7 @@ ns_name_pack(const u_char *src, u_char *dst, int dstsiz,
 			goto cleanup;
 		}
 		n = labellen(srcp);
-		if (dstp + 1 + n >= eob) {
+		if (n + 1 > eob - dstp) {
 			goto cleanup;
 		}
 		memcpy(dstp, srcp, n + 1);