[2019-08-01] - Found with Honggfuzz - CVE-2019-14486

Buffer overflow in the cb_evaluate_expr() function, in field.c.

Issue can be reproduced by running:

```
cobc test02.cob
```

```
=================================================================
==13307==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000011b42e0 at pc 0x00000062e423 bp 0x7ffee11cfdd0 sp 0x7ffee11cfdc8
WRITE of size 8 at 0x0000011b42e0 thread T0
    #0 0x62e422 in cb_evaluate_expr /home/f/gnucobol/cobc/field.c:253:25
    #1 0x62d951 in cb_validate_78_item /home/f/gnucobol/cobc/field.c:2538:15
    #2 0x561f53 in yyparse /home/f/gnucobol/cobc/parser.y:6358:18
    #3 0x51d901 in process_translate /home/f/gnucobol/cobc/cobc.c:6937:8
    #4 0x5014d7 in process_file /home/f/gnucobol/cobc/cobc.c:8037:19
    #5 0x4faaaf in main /home/f/gnucobol/cobc/cobc.c:8219:12
    #6 0x7f0cceffdb6a in __libc_start_main /build/glibc-KRRWSm/glibc-2.29/csu/../csu/libc-start.c:308:16
    #7 0x41c539 in _start (/usr/local/bin/cobc+0x41c539)

0x0000011b42e0 is located 32 bytes to the left of global variable 'op_val_pos' defined in 'field.c:57:26' (0x11b4300) of size 4
0x0000011b42e0 is located 0 bytes to the right of global variable 'op_val' defined in 'field.c:60:18' (0x11b4260) of size 128
SUMMARY: AddressSanitizer: global-buffer-overflow /home/f/gnucobol/cobc/field.c:253:25 in cb_evaluate_expr
Shadow bytes around the buggy address:
  0x00008022e800: f9 f9 f9 f9 00 00 00 00 f9 f9 f9 f9 00 00 00 00
  0x00008022e810: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
  0x00008022e820: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
  0x00008022e830: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9
  0x00008022e840: f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00
=>0x00008022e850: 00 00 00 00 00 00 00 00 00 00 00 00[f9]f9 f9 f9
  0x00008022e860: 04 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
  0x00008022e870: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
  0x00008022e880: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
  0x00008022e890: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
  0x00008022e8a0: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==13307==ABORTING
```