Fix potential int overflow

  EXPECT_FALSE(CFRangeToNSRange(CFRangeMake(LONG_MAX, LONG_MAX), &range_out));

is failing with a new clang roll, there may be some existing undefined
behavior due to signed integer overflow.

Bug: 1133974
Change-Id: I5a1de0db2753fcb9f325e0dfaa2c228268417e9f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2441736
Commit-Queue: Nico Weber <thakis@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#812707}

base/mac/foundation_util.mm

@@ -13,6 +13,7 @@
 #include "base/mac/bundle_locations.h"
 #include "base/mac/mac_logging.h"
 #include "base/notreached.h"
+#include "base/numerics/checked_math.h"
 #include "base/numerics/safe_conversions.h"
 #include "base/stl_util.h"
 #include "base/strings/sys_string_conversions.h"
@@ -477,12 +478,13 @@ base::ScopedCFTypeRef<CFURLRef> FilePathToCFURL(const FilePath& path) {
 }
 
 bool CFRangeToNSRange(CFRange range, NSRange* range_out) {
+  decltype(range_out->location) end;
   if (base::IsValueInRangeForNumericType<decltype(range_out->location)>(
           range.location) &&
       base::IsValueInRangeForNumericType<decltype(range_out->length)>(
           range.length) &&
-      base::IsValueInRangeForNumericType<decltype(range_out->location)>(
-          range.location + range.length)) {
+      base::CheckAdd(range.location, range.length).AssignIfValid(&end) &&
+      base::IsValueInRangeForNumericType<decltype(range_out->location)>(end)) {
     *range_out = NSMakeRange(range.location, range.length);
     return true;
   }