[2019-12-06] - Found with Honggfuzz - CVE-2019-19630

Stack-based buffer overflow in the hd_strlcpy() function, in string.c.

The issue can be reproduced by running:

```
htmldoc test01.html -f test01.ps
```

```
=================================================================
==27915==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffefa66f0df at pc 0x000000494c40 bp 0x7ffefa66f070 sp 0x7ffefa66e838
WRITE of size 3 at 0x7ffefa66f0df thread T0
    #0 0x494c3f in __asan_memcpy (/home/fcambus/htmldoc-1.9.7/htmldoc/htmldoc+0x494c3f)
    #1 0x556aa5 in hd_strlcpy /home/fcambus/htmldoc-1.9.7/htmldoc/string.c:191:3
    #2 0x509ee3 in render_contents(tree_str*, float, float, float, float, float*, int*, int, tree_str*) /home/fcambus/htmldoc-1.9.7/htmldoc/ps-pdf.cxx:3765:5
    #3 0x4f3cfb in parse_contents(tree_str*, float, float, float, float, float*, int*, int*, tree_str*) /home/fcambus/htmldoc-1.9.7/htmldoc/ps-pdf.cxx:3853:13
    #4 0x4f3f6c in parse_contents(tree_str*, float, float, float, float, float*, int*, int*, tree_str*) /home/fcambus/htmldoc-1.9.7/htmldoc/ps-pdf.cxx
    #5 0x4e4fce in pspdf_export /home/fcambus/htmldoc-1.9.7/htmldoc/ps-pdf.cxx:860:5
    #6 0x4d17bb in main /home/fcambus/htmldoc-1.9.7/htmldoc/htmldoc.cxx:1276:3
    #7 0x7f68626141e2 in __libc_start_main /build/glibc-4WA41p/glibc-2.30/csu/../csu/libc-start.c:308:16
    #8 0x41d84d in _start (/home/fcambus/htmldoc-1.9.7/htmldoc/htmldoc+0x41d84d)

Address 0x7ffefa66f0df is located in stack of thread T0 at offset 63 in frame
    #0 0x5084be in render_contents(tree_str*, float, float, float, float, float*, int*, int, tree_str*) /home/fcambus/htmldoc-1.9.7/htmldoc/ps-pdf.cxx:3563

  This frame has 2 object(s):
    [32, 44) 'rgb' (line 3564)
    [64, 1088) 'number' (line 3570) <== Memory access at offset 63 partially underflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow (/home/fcambus/htmldoc-1.9.7/htmldoc/htmldoc+0x494c3f) in __asan_memcpy
Shadow bytes around the buggy address:
  0x10005f4c5dc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5dd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5de0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5df0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x10005f4c5e10: 00 00 00 00 f1 f1 f1 f1 00 04 f2[f2]00 00 00 00
  0x10005f4c5e20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5e30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5e40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5e50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10005f4c5e60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==27915==ABORTING
```
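The report above labels the write as one that "partially underflows" `number`: the access starts at frame offset 63 with size 3, while `number` occupies [64, 1088), so one byte lands in the stack mid redzone before the array and two bytes land inside it. The C below is an added triage helper, not code from HTMLDOC or from the original advisory; it redoes that arithmetic from the frame layout ASan prints and decodes the shadow bytes in the marked row. The `frame_objects` table is constructed from the two objects listed in the report, and the function and type names are this example's own.

```c
#include <stddef.h>

/* Frame layout copied from the report's "This frame has 2 object(s)" lines:
 * offsets are relative to the frame base, [begin, end) half-open. */
typedef struct {
    const char *name;
    size_t begin;
    size_t end;
} frame_object;

static const frame_object frame_objects[] = {
    { "rgb",    32,   44 },
    { "number", 64, 1088 },
};
#define N_OBJECTS (sizeof frame_objects / sizeof frame_objects[0])

typedef enum {
    ACCESS_INSIDE,        /* every accessed byte lies within one object      */
    ACCESS_UNDERFLOW,     /* access begins before the object it touches      */
    ACCESS_OVERFLOW,      /* access runs past the end of the object it touches */
    ACCESS_REDZONE_ONLY   /* access touches no object at all (pure redzone)  */
} access_kind;

typedef struct {
    access_kind kind;
    const frame_object *object;  /* object the access touches, NULL if none */
    size_t bytes_outside;        /* accessed bytes that miss that object    */
} access_report;

/* Classify an access covering frame offsets [offset, offset + size)
 * against the frame layout, the way ASan's "partially underflows/overflows"
 * annotation does. */
access_report classify_access(size_t offset, size_t size)
{
    access_report r = { ACCESS_REDZONE_ONLY, NULL, size };
    size_t access_end = offset + size;

    for (size_t i = 0; i < N_OBJECTS; i++) {
        const frame_object *o = &frame_objects[i];
        if (access_end <= o->begin || offset >= o->end)
            continue;                       /* no overlap with this object */
        r.object = o;
        if (offset < o->begin) {            /* starts before the object   */
            r.kind = ACCESS_UNDERFLOW;
            r.bytes_outside = o->begin - offset;
        } else if (access_end > o->end) {   /* ends after the object      */
            r.kind = ACCESS_OVERFLOW;
            r.bytes_outside = access_end - o->end;
        } else {
            r.kind = ACCESS_INSIDE;
            r.bytes_outside = 0;
        }
        return r;
    }
    return r;
}

/* One shadow byte describes 8 application bytes: 0x00 means all 8 are
 * addressable, 0x01..0x07 means only the first k are, and any value with
 * the high bit set (f1/f2/f3 stack redzones, fa heap redzone, ...) means
 * none are. Returns the number of addressable bytes in that granule. */
int shadow_addressable_bytes(unsigned char shadow)
{
    if (shadow == 0)
        return 8;
    if (shadow < 8)
        return shadow;
    return 0;
}

int main(void)
{
    access_report r = classify_access(63, 3);   /* the write in the report */
    return (r.kind == ACCESS_UNDERFLOW && r.bytes_outside == 1) ? 0 : 1;
}
```

Reading the marked shadow row with `shadow_addressable_bytes` cross-checks the frame description: `f1 f1 f1 f1` poisons [0, 32), `00 04` makes [32, 44) addressable (which is exactly `rgb`), `f2 f2` poisons [48, 64), and the bracketed `[f2]` is the granule [56, 64) that contains offset 63, the first byte of the write. The length argument of a strlcpy-style routine bounds how far a copy runs forward from its destination pointer; it cannot catch a destination that already points before the buffer, which is why a report like this one is best triaged by looking at how the destination offset was computed in the caller rather than at the copy routine alone.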