If count == 0 and size > 0, then n_bytes is 0, buffer is a 1-byte
allocation, and the assignment to buffer[size] would write to buffer[1]
(or past it), which is past the end of the allocation.
Found by Address Sanitizer.
size_t n_bytes = size * count;
char *buffer = xmalloc (n_bytes + 1);
read_bytes (r, buffer, n_bytes);
size_t n_bytes = size * count;
char *buffer = xmalloc (n_bytes + 1);
read_bytes (r, buffer, n_bytes);
+ buffer[n_bytes] = '\0';
text->reader = r;
text->buffer = buffer;
text->size = n_bytes;
text->reader = r;
text->buffer = buffer;
text->size = n_bytes;