server: Fix undefined behavior in wl_socket_init_for_display_name

server: Fix undefined behavior in wl_socket_init_for_display_name

This function constructs a socket path in sun_path using snprintf, which
returns the amount of space that would have been used if the buffer was
large enough. It then checks if this is larger then the actual buffer size
and, if so, returns ENAMETOOLONG. This is correct.

However, after calling snprintf and before checking that the length isn't too
long, it tries to compute a pointer to the part of the path that matches the
input name. It does this by adding the computed path length to the pointer to
the start of the path buffer, which will take it to one-past the null
terminator, and then walking backwards. If the path fits in the buffer, this
will take it at most one-past-the-end of the allocation, which is allowed, but
if the path is longer then the buffer then the pointer addition is undefined behavior.

Fix this by moving the display name computation past the check that the path
length is not too long.

This is detected by the test socket_path_overflow_server_create under ubsan.

Signed-off-by: Fergus Dall <sidereal@google.com>