Fix invalid pointer dereference in OBJ decoder for faces without vertices

[gn00295120]

Summary

ObjDecoder crashes when an OBJ file contains face definitions (f 1 2 3) but no preceding vertex positions (v ...). The position attribute ID stays at its initial value of -1, and PointCloud::attribute(-1) dereferences out of bounds.

Additionally, negative OBJ vertex indices (e.g., f -1 -2 -3) are resolved against num_positions_ without checking for underflow.

Changes

• After the counting pass, reject files that have faces but zero vertex positions (early error instead of UB)
• Guard MapPointToVertexIndices against pos_att_id_ < 0
• Validate that resolved negative indices are non-negative before use

Reproduction

# Build with ASAN
cmake -B build -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \
  -DCMAKE_CXX_FLAGS="-fsanitize=address -fno-omit-frame-pointer" \
  -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address" .
cmake --build build

# 8-byte OBJ file triggers SEGV
printf 'f 1 2 3\n' > crash.obj
./build/draco_encoder -i crash.obj

ASAN trace (before fix):

==PID==ERROR: AddressSanitizer: SEGV on unknown address 0xfffffffffffffff8
    #0 in draco::PointCloud::attribute(int) point_cloud.h:89
    #1 in draco::ObjDecoder::MapPointToVertexIndices obj_decoder.cc:643
    #2 in draco::ObjDecoder::ParseFace obj_decoder.cc:450