Motivation / Problem

Depending on the content of _openttd_revision and _openttd_revision_hash, GetNetworkRevisionString() could overflow and underflow its buffer for non-tagged releases.
Practically it should not trigger if revision and revision_hash are set correctly by the build process.

In any case:

• when _openttd_revision_hash is less than 10 characters, it will read beyond the bounds.
• when _openttd_revision does not have a dash -, hashofs is effectively the negative hash. By "luck" it gets converted to size_t in the following if so hashofs get set to something more sane but if that were not to happen, strecpy would start at nullptr.
• when _openttd_revision's length is less than githash_suffix's length, then hashofs becomes negative and strecpy would start writing before the buffer.

So, when the revision and hash are, for whatever reason, not filled there are reads and writes beyond the bounds of buffers.

Description

Rewrite the code to use std::string and perform the appropriate checks on sizes.
See https://godbolt.org/z/bbP3fxdxE for the behavior (old and new). When adding -fsanitize=address the example will be broken on the old version of the code.

Limitations

None, except the output differing in cases of under- and overflow.
Consideration can be made whether to backport it or not; problem is that it uses {fmt}, so some other manner of safely getting the githash should be devised in case it is going to be backported.

Checklist for review

Some things are not automated, and forgotten often. This list is a reminder for the reviewers.

• The bug fix is important enough to be backported? (label: 'backport requested')
• This PR affects the save game format? (label 'savegame upgrade')
• This PR affects the GS/AI API? (label 'needs review: Script API')
  • ai_changelog.hpp, gs_changelog.hpp need updating.
  • The compatibility wrappers (compat_*.nut) need updating.
• This PR affects the NewGRF API? (label 'needs review: NewGRF')
  • newgrf_debug_data.h may need updating.
  • PR must be added to API tracker