Make sha256_process() easier for static analyzers

md->curlen cannot indicate full buffer size here since the buffered
data is processed whenever the full block size of data is available.
Avoid invalid warnings from static analyzers on memcpy() outside the
buffer length by verifying that curlen is smaller than block size.

Signed-hostap: Jouni Malinen <j@w1.fi>

src/crypto/sha256-internal.c

@@ -164,7 +164,7 @@ static int sha256_process(struct sha256_state *md, const unsigned char *in,
 	unsigned long n;
 #define block_size 64
 
-	if (md->curlen > sizeof(md->buf))
+	if (md->curlen >= sizeof(md->buf))
 		return -1;
 
 	while (inlen > 0) {