Some use after free in tinyformat.h reported by Clang MemorySanitizer

[illwieckz]

Because of:

• Weird munmap_chunk(): invalid pointer crash when freeing pic in R_FindImageFile() #1598

I decided to run some memory checkers on the engine, here is the first error I caught using Clang MemorySanitizer:

==116425==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5555556c4a59 in tinyformat::detail::formatImpl(std::ostream&, char const*, tinyformat::detail::FormatArg const*, int)
     Unvanquished/daemon/libs/tinyformat/tinyformat.h:677:33
    #1 0x5555556c4519 in tinyformat::vformat(std::ostream&, char const*, tinyformat::FormatList const&)
     Unvanquished/daemon/libs/tinyformat/tinyformat.h:808:5
    #2 0x5555556ff864 in void tinyformat::format<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>(std::ostream&, char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&)
     Unvanquished/daemon/libs/tinyformat/tinyformat.h:815:5
    #3 0x5555556ff589 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> tinyformat::format<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>(char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&)
     Unvanquished/daemon/libs/tinyformat/tinyformat.h:824:5
    #4 0x5555556ff211 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> Str::Format<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>(Str::BasicStringRef<char>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>&&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>&&)
     Unvanquished/daemon/src/common/String.h:335:16
    #5 0x5555556feaf5 in Cvar::Cvar<bool>::GetDescription[abi:cxx11]()
     Unvanquished/daemon/src/common/Cvar.h:327:16
    #6 0x55555570c00e in Cvar::Cvar<bool>::Register()
     Unvanquished/daemon/src/common/Cvar.h:322:29
    #7 0x5555556f3c5b in Cvar::Cvar<bool>::Cvar(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, int, bool) Unvanquished/daemon/src/common/Cvar.h:267:9
    #8 0x5555555bd811 in __cxx_global_var_init.1
     Unvanquished/daemon/src/engine/qcommon/common.cpp:58:18
    #9 0x5555555c042d in _GLOBAL__sub_I_common.cpp
     Unvanquished/daemon/src/engine/qcommon/common.cpp
    #10 0x7ffff6e2a303 in call_init
     csu/../csu/libc-start.c:145:3
    #11 0x7ffff6e2a303 in __libc_start_main
     csu/../csu/libc-start.c:347:5
    #12 0x555555627c74 in _start
     (build/engine/default-linux-amd64-clang-nolto-debug-exe/daemon+0xd3c74) (BuildId: 04f90311fdaf7cba90fc6f1caaa6d1cddf144c8e)

SUMMARY: MemorySanitizer: use-of-uninitialized-value Unvanquished/daemon/libs/tinyformat/tinyformat.h:677:33
 in tinyformat::detail::formatImpl(std::ostream&, char const*, tinyformat::detail::FormatArg const*, int)
Exiting