Protect against OOB offset in variable list SSZ decoding (#974)

* Add "pretty-ssz" tool to lcli

* Protect against OOB SSZ offset

* Add more work on decoding

* Fix benches

* Add more decode fixes

* Rename fixed_ptr

* Add, fix tests

* Add extra test

* Increase SSZ decode error granularity

* Ripples new error types across ssz crate

* Add comment to `sanitize_offset`

* Introduce max_len to SSZ list decoding

* Restrict FixedVector, check for zero-len items

* Double check for empty list

* Address Michael's comment

lcli/src/helpers.rs

@@ -29,6 +29,14 @@ pub fn parse_path_with_default_in_home_dir(
         })
 }
 
+pub fn parse_path(matches: &ArgMatches, name: &'static str) -> Result<PathBuf, String> {
+    matches
+        .value_of(name)
+        .ok_or_else(|| format!("{} not specified", name))?
+        .parse::<PathBuf>()
+        .map_err(|e| format!("Unable to parse {}: {}", name, e))
+}
+
 pub fn parse_u64(matches: &ArgMatches, name: &'static str) -> Result<u64, String> {
     matches
         .value_of(name)