Also, restore the previous terminal mode on exit

Turns out that it is undefined behaviour to pass a value to isctype functions
which does not fit inside a char. Closes #312

(cf #309)

Closes #303

closes #302

closes #270

Check malloc return value for NULL.

Fixed memory leak on file name collision.

Always terminate strncpy results with '\0'.

Avoid out of boundary read on empty/broken file.

If malloc cannot allocate enough memory, it could return NULL. This is
not necessarily true for default Linux settings, but can be provoked
there as well by adjusting proc entries. Other systems like the *BSD
ones definitely do this.

The function _emalloc exists for exactly this purpose, so use it instead
of calling malloc directly.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

If feh_unique_filename encounters a file that already exists, the memory
for the temporary filename is not released. As this happens in /tmp at
some code places, an attacker could use this to spray the memory of feh,
or simply triggering an out of memory condition.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

If ereadfile encounters an empty file or the file could not be read, an
out ouf boundary read (and possible write) occurs. Always check the
return value of fread to be > 0 before processing the result buffer.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

The strncpy function does not guarantee to end the resulting character
sequence with a terminating nul character if not enough space is
available. This could be triggered by supplying a sufficiently long
output_file option.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>