SARIF reader should translate relative paths to source code files coming from GCC

[kdudka]

As explained by David Malcolm at https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116613#c15 the artifact locations in the SARIF output produced by gcc may contain file paths relative to the working directory where gcc ran. Luckily, the working directory is recorded in the SARIF data. So csdiff needs to use the provided information to construct meaningful file paths for further processing of scan results.