common: fix pointer-before-start UB in drop_incomplete_utf8

[dxbjavid]

drop_incomplete_utf8() computes strchr(c, 0) - 1, which is undefined
when c is empty. The empty case is reached from
avahi_alternative_service_name(" #N") and avahi_alternative_host_name("-N")
via avahi_strndup(s, 0); fuzz-domain exercises both entry points.

[evverx]

As mentioned in another PR one-off fixes with no tests aren't considered especially in cases like this where tests are straightforward. I'll keep it open as a bug report though. Generally it would probably be better to open issues first and mention how issues are discovered along with all the details like the tooling, *san/Valgrind backtraces, the output of static analyzers and their names or anything like that.

I'll also point to https://github.com/avahi/avahi/blob/master/.github/CONTRIBUTING.md again

Our golden rule is that a contribution should be worth more to the project than the time it takes to review it.

[dxbjavid]

Fair enough on the test. Pushed one to alternative-test.c that runs the two inputs which reach drop_incomplete_utf8() with an empty string (" #1" and "-2", both via avahi_strndup(s, 0)).

On how it turned up: this came from reading the trimming loop rather than a crash. strchr(c, 0) - 1 forms a pointer before the start of the buffer when c is empty, which is UB per C11 6.5.6/8, but it's never dereferenced and the address doesn't wrap, so *san/valgrind stay quiet and there's no backtrace to attach. The empty case is reachable from the fuzz-domain entry points. I'll open issues first for the next ones.

[evverx]

Pushed one to alternative-test.c that runs the two inputs

The code is already exercised by the fuzz targets so in terms of testing the function the new tests don't add much without assertions making sure that it works as expected.