readline: Fix potential buffer overflow

cread_add_char doesn't take the trailing '\0' into account, so adding
it at the end of readline can overflow the buffer.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>

lib/readline.c

@@ -150,7 +150,7 @@ static void cread_add_char(char ichar, int insert, unsigned long *num,
 
 	/* room ??? */
 	if (insert || *num == *eol_num) {
-		if (*eol_num > len - 1) {
+		if (*eol_num > len - 2) {
 			getcmd_cbeep();
 			return;
 		}