Add back cve2017-16544 busybox patch from master

package/utils/busybox/patches/900-fix_cve2017-16544.patch

@@ -0,0 +1,22 @@
+--- a/libbb/lineedit.c
++++ b/libbb/lineedit.c
+@@ -632,6 +632,19 @@ static void free_tab_completion_data(voi
+ 
+ static void add_match(char *matched)
+ {
++	unsigned char *p = (unsigned char*)matched;
++	while (*p) {
++		/* ESC attack fix: drop any string with control chars */
++		if (*p < ' '
++		 || (!ENABLE_UNICODE_SUPPORT && *p >= 0x7f)
++		 || (ENABLE_UNICODE_SUPPORT && *p == 0x7f)
++		) {
++			free(matched);
++			return;
++		}
++		p++;
++	}
++
+ 	matches = xrealloc_vector(matches, 4, num_matches);
+ 	matches[num_matches] = matched;
+ 	num_matches++;