WMM: Do not modify input TSPEC buffer during processing

WMM: Do not modify input TSPEC buffer during processing

The WMM TSPEC processor used the input buffer for processing the request
and building the response. This was fine for the FT case, but for the
WMM Action frame case, the input buffer is marked const, so it should
not really be modified. This modification could not really cause any
noticeable harm, but it can result in error reports from fuzzing and
potentially even from some static analyzers.

Fix this by marking the input arguments const more consistently (the
parsed IE was able to drop the const) and copy the const input data to a
temporary buffer for processing and modification instead of allowing the
input data to be modified.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19050
Signed-off-by: Jouni Malinen <j@w1.fi>