security: fix AliasCheck panic (update)

[kkzo]

Updated checkServiceExistsOnRemoteServer to ensure there are services returned from the specified node before proceeding with the service matcher.

Description

Resolves the following

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x8 pc=0x10370a28c]

goroutine 344 [running]:
[github.com/hashicorp/consul/agent/checks.(*CheckAlias).checkServiceExistsOnRemoteServer(0x140009f37c0](http://github.com/hashicorp/consul/agent/checks.(*CheckAlias).checkServiceExistsOnRemoteServer(0x140009f37c0), 0x140009f37d0)
        [github.com/hashicorp/consul/agent/checks/alias.go:164](http://github.com/hashicorp/consul/agent/checks/alias.go:164) +0x18c
[github.com/hashicorp/consul/agent/checks.(*CheckAlias).runQuery.func1(0x1](http://github.com/hashicorp/consul/agent/checks.(*CheckAlias).runQuery.func1(0x1)?)
        [github.com/hashicorp/consul/agent/checks/alias.go:237](http://github.com/hashicorp/consul/agent/checks/alias.go:237) +0x28
[github.com/hashicorp/consul/agent/checks.(*CheckAlias).processChecks(0x140009f37c0](http://github.com/hashicorp/consul/agent/checks.(*CheckAlias).processChecks(0x140009f37c0), {0x0, 0x0, 0x1057baa22?}, 0x140010dff48)
        [github.com/hashicorp/consul/agent/checks/alias.go:284](http://github.com/hashicorp/consul/agent/checks/alias.go:284) +0x36c
[github.com/hashicorp/consul/agent/checks.(*CheckAlias).runQuery(0x140009f37c0](http://github.com/hashicorp/consul/agent/checks.(*CheckAlias).runQuery(0x140009f37c0), 0x0?)
        [github.com/hashicorp/consul/agent/checks/alias.go:236](http://github.com/hashicorp/consul/agent/checks/alias.go:236) +0x29c
[github.com/hashicorp/consul/agent/checks.(*CheckAlias).run(0x0](http://github.com/hashicorp/consul/agent/checks.(*CheckAlias).run(0x0)?, 0x0?)
        [github.com/hashicorp/consul/agent/checks/alias.go:89](http://github.com/hashicorp/consul/agent/checks/alias.go:89) +0x58
created by [github.com/hashicorp/consul/agent/checks.(*CheckAlias).Start](http://github.com/hashicorp/consul/agent/checks.(*CheckAlias).Start) in goroutine 342
        [github.com/hashicorp/consul/agent/checks/alias.go:64](http://github.com/hashicorp/consul/agent/checks/alias.go:64) +0x15c

Fixes #21339

Testing & Reproduction steps

curl --request PUT --data '{"name": "a", "check": {"AliasNode": "doesnotexist"}}' http://127.0.0.1:8500/v1/agent/service/register

Links

#21339

PR Checklist

• updated test coverage
• external facing docs updated
• appropriate backport labels added
• not a security concern

[hashicorp-cla-app]

All committers have signed the CLA.

[hashicorp-cla-app]

Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement

Learn more about why HashiCorp requires a CLA and what the CLA includes

_{Have you signed the CLA already but the status is still pending? Recheck it.}

[dduzgun-security]

@kkzo thanks a lot for your contribution to fix this panic call. Once the Contribution License Agreement is signed and the tests are 🟢, we should be good to merge.