Avoid additional pointer overflow in channeltls.c:channel_tls_process_certs_cells
See #10313 (moved) for general discription.
On IRC, bobnomnom notes a similar issue with channel_tls_process_certs_cells. In this case, the compiler can't easily optimize the pointer comparison away, so we don't need to worry about that, but technically speaking we might be constructing a pointer that wraps around ((void*)-1), which would give incorrect results.
And undefined behavior is very bad. So let's just fix this. Let's hunt for other places it occurs too.