Enable clang integer sanitizer and clean up a few warnings.

Changed to use simple indexing instead of while (count--) in buf_read()/buf_write(),
because the count overflowed from 0 to max on the last iteration. While the unsigned
integer overflow is defined and behaviour was correct, making this simple change
allowed enabling the sanitizer which might catch true errors elsewhere in the code.