If the input URI ends with a trailing '%' (or a trailing '%N'), we
read outside the provided buffer.
On NULL terminated input, this happened to work out since we'd
correctly detect an invalid %-sequence as soon as we read the NULL
terminator.
On input that is not NULL terminated, we're out of luck.
This patch fixes this by also checking we have enough input left to
even _try_ to read the %-digits.
Also add unit tests for this particular case.
Closes#2353
Current maximum is provided by sysconf(_SC_HOST_NAME_MAX) instead.
uri.c:269:20: error: use of undeclared identifier 'HOST_NAME_MAX'
char this_host[HOST_NAME_MAX];
^
