kbx: Add bounds check to detect corrupt keyboxes.

* kbx/keybox-dump.c (_keybox_dump_blob): Fix the fixmes.

kbxutil is a debug tool but nevertheless it should behave well and not
read beyond allocated buffers and in turn crash.

Vincent Ulitzsch and Dominik Maier were kind enough to report these
crashes along with a couple of test keyboxes and crash analysis.

• Signed-off-by: Werner Koch <wk@gnupg.org>