Commit 3c4da5b

philipturnbull authored and Ashe Connor committed
Add GFM extensions to fuzzing harness (commonmark#127)

* Check for empty buffer when rendering

  For empty documents, `->size` is zero so `renderer.buffer->ptr[renderer.buffer->size - 1]` will cause an out-of-bounds read. Empty buffers always point to the global `cmark_strbuf__initbuf` buffer so we read `cmark_strbuf__initbuf[-1]`.

* Don't discard empty fuzz test-cases

  We currently discard fuzz test-cases that are empty but empty inputs are valid markdown. This improves the fuzzing coverage slightly.

* Fuzz width parameter too

  Allow the `width` parameter to be generated too so we get better fuzz-coverage.

* Allow GFM-specific options

* Load GFM extensions in fuzz harness

* Avoid out-of-bounds read in _ext_scan_at

  An off-by-one error in _ext_scan_at can trigger an out-of-bounds read with `offset == len`. This can be triggered when scanning the end of a table header:

```
==14==WARNING: MemorySanitizer: use-of-uninitialized-value
    0 0x574410 in _scan_table_cell /src/octofuzz/extensions/ext_scanners.c:557:9
    1 0x57093f in _ext_scan_at /src/octofuzz/extensions/ext_scanners.c:15:11
    2 0x565fb8 in row_from_string /src/octofuzz/extensions/table.c:126:20
    3 0x55b360 in try_opening_table_header /src/octofuzz/extensions/table.c:182:16
    4 0x55b360 in try_opening_table_block /src/octofuzz/extensions/table.c:330
    5 0x59377e in open_new_blocks /src/octofuzz/src/blocks.c:1216:27
    6 0x59377e in S_process_line /src/octofuzz/src/blocks.c:1405
    7 0x58ba2e in cmark_parser_finish /src/octofuzz/src/blocks.c:1432:5
    8 0x55a1ea in LLVMFuzzerTestOneInput /src/octofuzz/test/cmark-fuzz.c:64:23
    9 0x4d256f in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:463:13
    10 0x49a14c in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:273:6
    11 0x4adcbe in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:689:9
    12 0x4992c1 in main /src/libfuzzer/FuzzerMain.cpp:20:10
    13 0x7fcdd8b4c82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    14 0x41ea18 in _start (/work/work891511962/cmark_fuzzer+0x41ea18)

  Unnitialized value was created by a heap allocation
    0 0x44d6d5 in realloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:847
    1 0x576cfc in xrealloc /src/octofuzz/src/cmark.c:27:19
    2 0x65ae70 in cmark_strbuf_grow /src/octofuzz/src/buffer.c:58:31
    3 0x65ae70 in cmark_strbuf_init /src/octofuzz/src/buffer.c:32
    4 0x59da38 in make_block /src/octofuzz/src/blocks.c:69:3
    5 0x59da38 in add_child /src/octofuzz/src/blocks.c:379
    6 0x59da38 in add_text_to_container /src/octofuzz/src/blocks.c:1343
    7 0x59da38 in S_process_line /src/octofuzz/src/blocks.c:1409
    8 0x58b307 in S_parser_feed /src/octofuzz/src/blocks.c:702:9
    9 0x55a1ca in LLVMFuzzerTestOneInput /src/octofuzz/test/cmark-fuzz.c:63:5
    10 0x4d256f in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:463:13
    11 0x49a14c in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:273:6
    12 0x4adcbe in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:689:9
    13 0x4992c1 in main /src/libfuzzer/FuzzerMain.cpp:20:10
    14 0x7fcdd8b4c82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
```
1 parent bc48e4f commit 3c4da5b
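An added example, not code from this commit or from cmark: a self-contained C sketch of the two guards the message describes (an empty-buffer check before reading `ptr[size - 1]`, and the `offset >= len` bound in a scanner dispatcher of the `_ext_scan_at` shape), wrapped in a libFuzzer-style entry point that keeps empty inputs and derives a width parameter from the input. `buf_t`, `initbuf_sentinel`, `scan_at` and `scan_delim_run` are hypothetical names standing in for the cmark internals.

```c
#include <stddef.h>
#include <stdint.h>
/* Hypothetical buffer with the shape the commit message describes: an empty
 * buffer has size 0 and ptr pointing at a shared static sentinel, so an
 * unchecked ptr[size - 1] reads the byte before that sentinel. */
static const unsigned char initbuf_sentinel[1] = {0};

typedef struct {
  const unsigned char *ptr;
  size_t size;
} buf_t;

/* Last byte of the buffer, or -1 for an empty one (the "check for empty
 * buffer when rendering" fix). */
int buf_last_byte(const buf_t *b) {
  if (b->size == 0)
    return -1;
  return b->ptr[b->size - 1];
}

/* Scanner dispatch in the style of _ext_scan_at: bytes consumed at offset, or
 * 0. The guard must be `offset >= len`; `offset == len` would read ptr[len]. */
typedef int (*scanner_fn)(const unsigned char *p, size_t remaining);
int scan_at(scanner_fn scanner, const unsigned char *ptr, size_t len, size_t offset) {
  if (offset >= len)
    return 0;
  return scanner(ptr + offset, len - offset);
}

/* Toy scanner: a run of '-' or '|', the characters a table header row is
 * made of. Bounded by `remaining`, never by a terminating NUL. */
int scan_delim_run(const unsigned char *p, size_t remaining) {
  size_t n = 0;
  while (n < remaining && (p[n] == '-' || p[n] == '|'))
    n++;
  return (int)n;
}

/* libFuzzer-style entry point: empty inputs are exercised rather than
 * discarded, and the first byte doubles as a fuzzed width parameter. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  int width = size > 0 ? data[0] : 0;          /* fuzzed "width" option */
  buf_t b = {size > 1 ? data + 1 : initbuf_sentinel, size > 1 ? size - 1 : 0};
  (void)width;
  (void)buf_last_byte(&b);                     /* safe on the empty buffer */
  for (size_t off = 0; off <= b.size; off++)   /* includes off == size */
    (void)scan_at(scan_delim_run, b.ptr, b.size, off);
  return 0;
}
```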

5 files changed: +439 −538 lines changed
