CVE-2021-26937: GNU Screen heap overflow in UTF-8 combining character LRU pool (utf8_handle_comb)
a610a818-b6b1-4194-8641-58009a671e52
GNU Screen 4.8.0 has a heap buffer overflow in src/encoding.c in the UTF-8 combining character handling subsystem. Three interlocking bugs allow a remote attacker to corrupt heap memory via crafted UTF-8 combining character sequences:

1. comb_tofront(root, i) used an externally-supplied 'root' parameter across all iterations of its chain-following loop, even when the chain crossed pool boundaries (single-width pool 0x000-0x6FF vs double-width pool 0x700-0x7FF). This corrupted the LRU linked lists, eventually making combchars[0x800]->prev point to 0x800 (the root sentinel itself).

2. The recycle guard if (c1 == i + 0xd800) was missing the check i == 0x800 || i == 0x801, allowing the root sentinel entries' c1/c2 fields (which control loop bounds) to be overwritten with attacker-controlled combining character codepoints.

3. utf8_isdouble() did not recognize the private-use range 0xdf00-0xdfff used internally for double-width combining sequences, causing misrouting and accelerating cross-pool corruption.

Result: combchars[0x800]->c2 (the loop upper bound) is set to a large Unicode codepoint value. The next call iterates i far beyond the 0x802-entry array, producing the heap overflow.
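As an added example (not GNU Screen's code), a simplified C model of the two LRU pools with the three checks the description calls for enforced: comb_tofront derives the root from the entry index, the sentinels 0x800/0x801 are never treated as entries, comb_root_for_char routes 0xdf00-0xdfff to the double-width pool, and comb_chain_len is the consistency check a regression test would run over the lists. The struct layout and the names comb_root_of, comb_root_for_char, comb_chain_len, comb_init and comb_pool_init are assumptions, and comb_root_for_char models only the range the description names, not all of utf8_isdouble().

```c
#include <stdint.h>
/* Simplified model of the two combining-character LRU pools (added example, not
 * GNU Screen's code): 0x000-0x6FF single-width, 0x700-0x7FF double-width, sentinel
 * roots at 0x800/0x801 that hold no data and must never be recycled. */
#define POOL_SPLIT  0x700
#define POOL_END    0x800
#define ROOT_SINGLE 0x800
#define ROOT_DOUBLE 0x801
struct comb { int prev, next; uint32_t c1, c2; };
static struct comb combchars[0x802];
static int comb_is_sentinel(int i) { return i == ROOT_SINGLE || i == ROOT_DOUBLE; }
/* Root is derived from the entry's own index, never taken from the caller (bug 1). */
static int comb_root_of(int i) { return i < POOL_SPLIT ? ROOT_SINGLE : ROOT_DOUBLE; }
/* Only the range the advisory names: 0xdf00-0xdfff must select the double pool (bug 3). */
int comb_root_for_char(uint32_t c) { return (c >= 0xdf00 && c <= 0xdfff) ? ROOT_DOUBLE : ROOT_SINGLE; }

static void comb_pool_init(int root, int lo, int hi)
{
    int i, last = root;                  /* circular doubly linked list through root */
    for (i = lo; i < hi; last = i++) { combchars[last].next = i; combchars[i].prev = last; }
    combchars[last].next = root; combchars[root].prev = last;
}

void comb_init(void) { comb_pool_init(ROOT_SINGLE, 0, POOL_SPLIT); comb_pool_init(ROOT_DOUBLE, POOL_SPLIT, POOL_END); }

/* Move entry i to the head of its own pool; sentinels and out-of-range indices are
 * rejected (bug 2). Returns the root used, or -1. */
int comb_tofront(int i)
{
    if (i < 0 || i >= POOL_END || comb_is_sentinel(i)) return -1;
    int root = comb_root_of(i);
    combchars[combchars[i].prev].next = combchars[i].next;   /* unlink */
    combchars[combchars[i].next].prev = combchars[i].prev;
    combchars[i].next = combchars[root].next;                /* relink right after root */
    combchars[i].prev = root;
    combchars[combchars[root].next].prev = i;
    combchars[root].next = i;
    return root;
}

/* Walk prev links from root as the lookup loop would. Returns the entry count, or -1
 * if the chain leaves its pool, reaches a sentinel, or does not close within bounds. */
int comb_chain_len(int root)
{
    int n = 0, i;
    for (i = combchars[root].prev; i != root; i = combchars[i].prev)
        if (comb_is_sentinel(i) || comb_root_of(i) != root || ++n > POOL_END) return -1;
    return n;
}
```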