Detect buffer underflow in get_th()

If get_th() can receive input that is not a number,
then it can also receive empty input.

Empty input with zero length can result in a buffer underflow
when accessing *(num + (len - 1)), as (len - 1) would produce a negative index.
Add a check for zero-length input to prevent it.

This was found by ALT Linux Team.

Author: almkuznetsov

src/backend/utils/adt/formatting.c

@@ -1565,6 +1565,11 @@ get_th(char *num, int type)
 	int			len = strlen(num),
 				last;
 
+	if (len == 0)
+		ereport(ERROR,
+				(errcode(ERRCODE_ZERO_LENGTH_CHARACTER_STRING),
+				 errmsg("input cannot be empty string")));
+
 	last = *(num + (len - 1));
 	if (!isdigit((unsigned char) last))
 		ereport(ERROR,