Fix potential integer overflow in bin2hex

The code was already using safe_emalloc but did the multiplication in
the first argument, thus making the use of safe_emalloc pretty useless.

The *2 is now moved to the second argument.

Author: nikic

ext/standard/string.c

@@ -131,7 +131,7 @@ static char *php_bin2hex(const unsigned char *old, const size_t oldlen, size_t *
 	register unsigned char *result = NULL;
 	size_t i, j;
 
-	result = (unsigned char *) safe_emalloc(oldlen * 2, sizeof(char), 1);
+	result = (unsigned char *) safe_emalloc(oldlen, 2 * sizeof(char), 1);
 
 	for (i = j = 0; i < oldlen; i++) {
 		result[j++] = hexconvtab[old[i] >> 4];