Fix Lightning invoice parsing and fetching

Three issues were causing invoices to not render or fetch:

1. bech32.c: Hardcoded MAX_PREFIX limited HRP length, but BOLT11 HRPs
   can be arbitrarily long depending on amount. Now derives max HRP
   length dynamically from input length (len-6 to match bolt11.c buffer).

2. content_parser.c: bolt11_decode_minimal was passed a pointer into
   the content buffer without null-termination. When a note contained
   multiple invoices, the decoder would read past the first invoice
   into newlines and the second invoice, causing checksum failure.
   Fixed by creating a null-terminated copy using strndup.

3. bolt11.c: bech32_decode_alloc allocated buffers using strlen(str)-6
   and strlen(str)-8 without checking minimum length first. For inputs
   shorter than 8 chars, this caused size_t underflow leading to huge
   allocations and potential crash. Added early length guard.

IMPORTANT: bech32_decode callers must allocate hrp buffer of at least
strlen(input) - 6 bytes. This matches existing bolt11.c usage.

Changelog-Fixed: Fixed Lightning invoice parsing and fetching for all amounts

Closes: https://github.com/damus-io/damus/issues/3456
Closes: https://github.com/damus-io/damus/issues/3151
Signed-off-by: alltheseas <alltheseas@noreply.github.com>
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

nostrdb/src/bolt11/bolt11.c

@@ -376,8 +376,15 @@ static bool bech32_decode_alloc(const tal_t *ctx,
 				size_t *data_len,
 				const char *str)
 {
-    char *hrp = tal_arr(ctx, char, strlen(str) - 6);
-    u5 *data = tal_arr(ctx, u5, strlen(str) - 8);
+    size_t len = strlen(str);
+
+    /* Minimum: 1 HRP + '1' separator + 6 checksum = 8 chars.
+     * Guard prevents underflow in (len - 6) and (len - 8) below. */
+    if (len < 8)
+        return false;
+
+    char *hrp = tal_arr(ctx, char, len - 6);
+    u5 *data = tal_arr(ctx, u5, len - 8);
 
     if (bech32_decode(hrp, data, data_len, str, (size_t)-1)
         != BECH32_ENCODING_BECH32) {