Add assert to CSV parser and explain its condition

Coverity Scan has found a possible bug in a CSV parser - dereferencing
of a null pointer.
But it is not possible. Lets explain:

According to Coverity, the null dereference is in CSV_IN_QUOTES
processing in csv_parse_impl.
But bufp (nullified pointer) can be set to null only in two cases:
CSV_NEWFIELD and CSV_OUT_OF_QUOTES.

In a case of CSV_NEWFIELD the parser sets the state to CSV_LEADING_SPACES and
on a next iteration it sets bufp to not null.

In a case of CSV_OUT_OF_QUOTES the parser can nullify bufp only
if is_end_of_line was true at the end of 'out_of_quotes' processing.
But it means, that is_end_of_line was true at the beginning of
processing too, because CSV_OUT_OF_QUOTES does not modify it.
And at the beggining, if is_end_of_line was true, then the state
is set to CSV_LEADING_SPACES. And on a next iteration bufp are set
to not null.

Closes #2692

src/lib/csv/csv.c

@@ -224,6 +224,28 @@ csv_parse_impl(struct csv *csv, const char *s, const char *end, bool firstonly)
 			}
 			break;
 		case CSV_IN_QUOTES:
+			/*
+			 * Bufp can became NULL in two cases:
+			 * CSV_NEWFIELD and CSV_OUT_OF_QUOTES.
+			 *
+			 * In a case of 'newfield' the csv after
+			 * nullifying bufp and returning to the
+			 * iteration starts from
+			 * CSV_LEADING_SPACES. Here bufp is set
+			 * to not NULL (see 'leading_spaces').
+			 *
+			 * In a case of 'out_of_quotes' it can be
+			 * set to NULL only if
+			 * is_line_end == true. So at the
+			 * beginning of 'out_of_quotes'
+			 * is_line_end was true also
+			 * (see "if (is_line_end || ..." above).
+			 * In this 'if' the state of the csv is
+			 * set to CSV_LEADING_SPACES, so on a
+			 * next iteration the bufp are set to not
+			 * NULL.
+			 */
+			assert(csv->bufp != NULL);
 			if (*p == csv->quote_char) {
 				csv->state = CSV_QUOTE_CLOSING;
 			} else {