Fix gss_str_to_oid and gss_oid_to_str edge cases

Fix gss_str_to_oid and gss_oid_to_str edge cases

Neither function correctly handled OIDs whose second arc exceeds 47
(theoretically possible if the first arc is 2).  gss_str_to_oid had
additional problems: it used scanf, it didn't consistently protect
against read overrun if the input buffer wasn't null-terminated, and
it could get confused by + or - characters in the first two arcs.  Fix
gss_oid_to_str and rewrite gss_str_to_oid.

Also add a test program.

ticket: 7524 (new)