Regex: Fix integer overflow in expression parsing.

See: https://oss-fuzz.com/v2/testcase-detail/6189682419302400?noredirect=1

include/boost/regex/v4/basic_regex_parser.hpp

@@ -2070,6 +2070,11 @@ insert_recursion:
          fail(regex_constants::error_perl_extension, m_position - m_base, "An invalid or unterminated recursive sub-expression.");
          return false;
       }
+      if ((std::numeric_limits<boost::intmax_t>::max)() - m_mark_count < v)
+      {
+         fail(regex_constants::error_perl_extension, m_position - m_base, "An invalid or unterminated recursive sub-expression.");
+         return false;
+      }
       v += m_mark_count;
       goto insert_recursion;
    case regex_constants::syntax_dash:

include/boost/regex/v4/regex_traits_defaults.hpp

@@ -307,6 +307,7 @@ template <class charT, class traits>
 boost::intmax_t global_toi(const charT*& p1, const charT* p2, int radix, const traits& t)
 {
    (void)t; // warning suppression
+   boost::intmax_t limit = (std::numeric_limits<boost::intmax_t>::max)() / radix;
    boost::intmax_t next_value = t.value(*p1, radix);
    if((p1 == p2) || (next_value < 0) || (next_value >= radix))
       return -1;
@@ -319,6 +320,8 @@ boost::intmax_t global_toi(const charT*& p1, const charT* p2, int radix, const t
       result *= radix;
       result += next_value;
       ++p1;
+      if (result > limit)
+         return -1;
    }
    return result;
 }