Piped process: fix off-by-one error

The NULL terminator previously was an out-of-bounds write. This fixes
the test failure seen in
https://github.com/diffblue/cbmc/actions/runs/5112785459/jobs/9191230589?pr=7395,
which was locally reproducible. Out-of-bounds write found by `valgrind`
via
```
regression/cbmc/dynamic_sizeof1$ valgrind \
  ../../../build-coverage/bin/cbmc main.c \
  --incremental-smt2-solver 'z3 --smt2 -in'
```

Author: tautschnig

src/util/piped_process.cpp

@@ -277,10 +277,10 @@ piped_processt::piped_processt(
     dup2(pipe_output[1], STDOUT_FILENO);
     dup2(pipe_output[1], STDERR_FILENO);
 
-    // Create a char** for the arguments (all the contents of commandvec
-    // except the first element, i.e. the command itself).
-    char **args =
-      reinterpret_cast<char **>(malloc((commandvec.size()) * sizeof(char *)));
+    // Create a char** for the arguments plus a NULL terminator (by convention,
+    // the first "argument" is the command itself)
+    char **args = reinterpret_cast<char **>(
+      malloc((commandvec.size() + 1) * sizeof(char *)));
     // Add all the arguments to the args array of char *.
     unsigned long i = 0;
     while(i < commandvec.size())