read_frame was misuing the packet length in the following ways:
- returning non-zero even if buf_len is too short for the packet
- truncating the length to buf_len if len is too long then using the
truncated (i.e. wrong) length to index into the buffer
- memcpying too many bytes (used buf_len instead of real length)
This commit fixes all of this and adds some code to report
on packet length errors (to match with cc2538 driver).
feec05cdf2