Report
glibc timezone/zic relname() may return NULL and then be used as symlink contents
d6a139ce-5374-4c1f-b774-f3e6594f2d32
In timezone/zic.c, relname(from, to) computes the path to use as symlink contents and returns it as a heap-allocated string. However, it can return NULL when the size check (dotdotetcsize <= linksize) fails and result was never allocated. The caller, dolink(), passes the returned pointer as the contents argument to symlink(), so a NULL return would lead to a NULL dereference/use of an invalid pointer.
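An added example, not glibc's code and not part of the original report: a simplified C model of the contract described above, where the helper returns NULL when its size check fails, next to a caller that checks the result before it can reach symlink(). The names rel_contents and link_checked, the limit parameter and the ENAMETOOLONG error are assumptions of this example.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Simplified model (an assumption, not glibc's code) of the reported
   contract: the string is allocated only if it fits in `limit` bytes. */
static char *rel_contents(const char *target, const char *linkname, size_t limit)
{
    size_t i, dir_len = 0, dotdots = 0;
    /* Skip the directory prefix the two names share. */
    for (i = 0; target[i] && target[i] == linkname[i]; i++)
        if (target[i] == '/')
            dir_len = i + 1;
    /* One "../" per remaining directory level in the link name. */
    for (; linkname[i]; i++)
        dotdots += linkname[i] == '/' && i > 0 && linkname[i - 1] != '/';
    size_t taillen = strlen(target + dir_len);
    size_t need = 3 * dotdots + taillen + 1;
    if (need > limit) {
        errno = ENAMETOOLONG;   /* this example's choice of error */
        return NULL;            /* size check failed, nothing allocated */
    }
    char *result = malloc(need);
    if (!result)
        return NULL;            /* malloc has set ENOMEM */
    for (i = 0; i < dotdots; i++)
        memcpy(result + 3 * i, "../", 3);
    memcpy(result + 3 * dotdots, target + dir_len, taillen + 1);
    return result;
}

/* Caller that rejects a NULL result before it can reach symlink(). */
static int link_checked(const char *target, const char *linkname, size_t limit)
{
    char *contents = rel_contents(target, linkname, limit);
    if (!contents)
        return -1;              /* errno already describes the failure */
    int rc = symlink(contents, linkname);
    free(contents);
    return rc;
}

int main(void)
{
    /* Constructed names; a limit of 8 is too small, so symlink() is not reached. */
    return link_checked("America/New_York", "posix/America/New_York", 8) == -1 ? 0 : 1;
}
```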