ucl_parse_value: fix out-of-bounds read

If the string ends with a Multiline terminator without a newline, the
function tried to read the next character to check for a newline without
checking if the pointer was past the end of the buffer. This commit adds
a bounds check and return early with an error in case of missing
newline.

Fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21579

src/ucl_parser.c

@@ -1828,6 +1828,11 @@ ucl_parse_value (struct ucl_parser *parser, struct ucl_chunk *chunk)
  while (p < chunk->end && *p >= 'A' && *p <= 'Z') {
  p ++;
  }
+ if(p == chunk->end) {
+ ucl_set_err (parser, UCL_ESYNTAX,
+ "unterminated multiline value", &parser->err);
+ return false;
+ }
  if (*p =='\n') {
  /* Set chunk positions and start multiline parsing */
  chunk->remain -= p - c + 1;