Harden block-mode EOL stepping and fix offset/underflow issues in helpers

[rainman74]

Motivation

• Prevent end-of-buffer reads / Access Violations observed when block-mode line-stepping probed d[0]/d[1] after SCI_REPLACETARGET in convertall.
• Avoid unsigned underflow and incorrect cursor/selection offsets after replacements that change line lengths.
• Simplify and make trimtrailingspace pointer math safer by using explicit pointers and memmove instead of backward indexed loops.

Description

• Replaced ad-hoc EOL byte probes after block-mode SCI_REPLACETARGET with a safe scan: d = memspn(d,end,"\r\n",2) so no indexed reads occur near buffer end.
• Rewrote trimtrailingspace to use lineend/trimstart pointers and memmove for in-place trimming to avoid signed/unsigned and bounds risks.
• Made non-block-mode cursor/selection adjustment symmetric and safe by doing if (sln>=sellen) p2 += sln-sellen; else p2 -= sellen-sln; to eliminate unsigned underflow.
• Tightened adjustprplist to only add/subtract when safe and to clamp entries to zero when necessary to avoid underflow in poplist maintenance.
• Performed a targeted audit of all SCI_REPLACETARGET sites in SRC/NPPTextFX.cpp and confirmed the block-mode loop was the sole pointer-dereference hotspot requiring change.

Testing

• Searched and inspected all SCI_REPLACETARGET occurrences with rg -n "SCI_REPLACETARGET" SRC/NPPTextFX.cpp and contextualized each hit with nl/sed; checks succeeded.
• Applied the replacement with a Python patch script and verified the patch result (patched) and resulting diff with git diff --stat; verification succeeded.
• Committed the changes and reviewed the commit with git show --stat --oneline; commit succeeded.
• No Notepad++/Scintilla runtime tests were available in this environment, so behavioral runtime validation was not performed. Continuous integration / local runtime testing is recommended before release.

---

Codex Task