This patch fixes the crash I saw in MS_ADPCM_decode() with a reproducer attached in this bug report.

First I thought about some complex formula that checks a chunk has a minimal length safe for decoding it. But nesting RIFF chunks of various types makes it difficult and it effectively would split the logic into two distant places, so I decided to use multiple local fixes -- to check a a current parsing code won't read past the current chunk buffer.