Pointer overflow in memarea_alloc()
There is a pointer overflow in memarea_alloc(), in the bounds check:

    if (chunk->next_mem+sz > chunk->U_MEM+chunk->mem_size) {
It does not seem to be exploitable for RCE, since in all places in routerparse.c where memareas are used we restrict the input size to 128 KB or so (through MAX_LINE_LENGTH and MAX_UNPARSED_OBJECT_SIZE).
However, we should still fix this to plug any DoS threats and for future code correctness.
The bug was found by Guido Vranken through the HackerOne bug bounty program.
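Added example (not Tor's code; the chunk struct and function names below are assumptions standing in for the memarea layout) showing why the check above is wrong and the usual fix: comparing the request against the remaining space instead of adding it to a pointer. The unsafe form is written over uintptr_t so the wrap-around is defined behaviour and can be demonstrated deterministically.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a memarea chunk; names are assumptions. */
typedef struct {
    char *next_mem;   /* first unused byte in this chunk */
    char *mem;        /* start of the payload (stands in for U_MEM) */
    size_t mem_size;  /* payload capacity in bytes */
} chunk_t;

static void chunk_init(chunk_t *c, char *buf, size_t cap, size_t used)
{
    c->mem = buf;
    c->mem_size = cap;
    c->next_mem = buf + used;
}

/* Vulnerable form of the check: next_mem + sz can wrap around the address
   space when sz is huge, so the "fits" test wrongly succeeds. */
static bool fits_unsafe(const chunk_t *c, size_t sz)
{
    uintptr_t end = (uintptr_t)c->mem + c->mem_size;
    return !((uintptr_t)c->next_mem + (uintptr_t)sz > end);
}

/* Fixed form: compute the space left and compare sizes only. Because
   next_mem always lies inside [mem, mem + mem_size], neither subtraction
   can overflow, and sz is never added to a pointer before the check. */
static bool fits_safe(const chunk_t *c, size_t sz)
{
    size_t used = (size_t)(c->next_mem - c->mem);
    size_t remaining = c->mem_size - used;
    return sz <= remaining;
}

/* Bump-allocate sz bytes using the safe check; NULL when it does not fit. */
static void *chunk_alloc(chunk_t *c, size_t sz)
{
    if (!fits_safe(c, sz))
        return NULL;
    void *p = c->next_mem;
    c->next_mem += sz;
    return p;
}

/* Constructed case: 256-byte chunk, 200 bytes used, request near SIZE_MAX.
   Returns 1 when the unsafe check accepts it but the safe check rejects it. */
int huge_request_demo(void)
{
    static char buf[256];
    chunk_t c;
    chunk_init(&c, buf, sizeof buf, 200);
    size_t huge = SIZE_MAX - 100;
    return fits_unsafe(&c, huge) && !fits_safe(&c, huge);
}
```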