udev-builtin-usb_id: Check full range of size returned by read()

udev-builtin-usb_id: Check full range of size returned by read()

This shouldn't be necessary, since read() should never return a size
larger than the size of the buffer passed in, but Coverity doesn't seem
to understand that.

We could possibly fix this with a model file for Coverity, but given
changing the code is not that much of a biggie, let's just do that
instead.

Fixes CID 996458: Overflowed or truncated value (or a value computed
from an overflowed or truncated value) `pos` used as array index.

Tested: `ninja -C build/ test`, builds without warnings, test cases pass.