Fix size computation in replace_repeat() for special_case REPEAT_WITH_Q.

[millert]

This resulted in the NUL terminator being written to the end of the buffer which was not the same as the end of the string. That in turn caused garbage bytes from malloc() to be processed. Also change the NUL termination to be less error prone by writing the NUL immediately after the last byte copied.

Reproducible with the following under valgrind:

echo '#!/usr/bin/awk' | awk \
'/^#! ?\/.*\/[a-z]{0,2}awk/ {sub(/^#! ?\/.*\/[a-z]{0,2}awk/,"#! awk"); print}'

[plan9]

good catch. thanks