fuzz: Reject some more "expensive" descriptors in the scriptpubkeyman target

The same are rejected in the descriptor_parse target, so it makes sense
to reject them here as well.

src/wallet/test/fuzz/scriptpubkeyman.cpp

@@ -51,20 +51,19 @@ void initialize_spkm()
 }
 
 /**
- * Key derivation is expensive. Deriving deep derivation paths take a lot of compute and we'd rather spend time
- * elsewhere in this target, like on actually fuzzing the DescriptorScriptPubKeyMan. So rule out strings which could
- * correspond to a descriptor containing a too large derivation path.
+ * Deriving "expensive" descriptors will consume useful fuzz compute. The
+ * compute is better spent on a smaller subset of descriptors, which still
+ * covers all real end-user settings.
  */
-static bool TooDeepDerivPath(std::string_view desc)
+static bool IsTooExpensive(std::span<const uint8_t> desc)
 {
-    const FuzzBufferType desc_buf{reinterpret_cast<const unsigned char *>(desc.data()), desc.size()};
-    return HasDeepDerivPath(desc_buf);
+    return HasDeepDerivPath(desc) || HasTooManySubFrag(desc) || HasTooManyWrappers(desc);
 }
 
 static std::optional<std::pair<WalletDescriptor, FlatSigningProvider>> CreateWalletDescriptor(FuzzedDataProvider& fuzzed_data_provider)
 {
     const std::string mocked_descriptor{fuzzed_data_provider.ConsumeRandomLengthString()};
-    if (TooDeepDerivPath(mocked_descriptor)) return {};
+    if (IsTooExpensive(MakeUCharSpan(mocked_descriptor))) return {};
     const auto desc_str{MOCKED_DESC_CONVERTER.GetDescriptor(mocked_descriptor)};
     if (!desc_str.has_value()) return std::nullopt;