Fix buffer read overflows in GUri
See the commit messages for details.
This is not a security issue as GUri
has not been included in a stable GLib release yet. It needs to be fixed before 2.66 though.
The corresponding fix in libsoup is here: libsoup!126 (merged). It is not a security issue as the libsoup API only exposes nul-terminated strings, which prevent the read off the end of the buffer.
Spotted by oss-fuzz as oss-fuzz#23815 and oss-fuzz#23818.