Fix theoretical integer overflow in Curl_auth_create_plain_message #5391
This PR fixes an incorrect integer overflow check in Curl_auth_create_plain_message.
The security impact of the potential integer overflow has been discussed with @bagder on hackerone. We agreed this is more of a theoretical vulnerability, as the integer overflow would only be triggerable on systems using 32-bits size_t and have over 4GB of available memory space.
We still thought this was worth fixing.