[Coverity 1666172] Out-of-bounds read in bluray.c
Incorrect values read from a different memory region will cause incorrect computations.
In bluray_esOutControl: Out-of-bounds read from a buffer (CWE-125)
1474 case BLURAY_ES_OUT_CONTROL_DELETE_OVERLAY:
1475 {
1476 int i_plane = va_arg(args, int);
5. Condition esout_priv->overlay.p_video_es, taking true branch.
6. Condition i_plane < 2, taking false branch.
7. cond_at_least: Checking i_plane < 2 implies that i_plane is at least 2 on the false branch.
1477 if(esout_priv->overlay.p_video_es &&
1478 i_plane < MAX_OVERLAY &&
1479 (ssize_t)esout_priv->overlay.channels[i_plane] != VOUT_SPU_CHANNEL_INVALID)
1480 {
1481 i_ret = es_out_Control(esout_priv->p_dst_out, ES_OUT_VOUT_DEL_OVERLAY,
1482 esout_priv->overlay.p_video_es,
1483 esout_priv->overlay.channels[i_plane]);
1484 esout_priv->overlay.channels[i_plane] = VOUT_SPU_CHANNEL_INVALID;
1485 }
1486 else
1487 {
CID 1666172: (#1 of 1): Out-of-bounds read (OVERRUN)
8. overrun-local: Overrunning array esout_priv->overlay.channels of 2 8-byte elements at element index 2 (byte offset 23) using index i_plane (which evaluates to 2).
1488 assert((ssize_t)esout_priv->overlay.channels[i_plane] == VOUT_SPU_CHANNEL_INVALID);
1489 i_ret = VLC_EGENERIC;
1490 }
We can add a check in the assert. Or we add checks on the i_plane value on the BLURAY_ES_OUT_CONTROL_DELETE_OVERLAY caller side.
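
The flagged pattern next to one bounds-checked rewrite, as an added example that is not VLC's code or the fix the project adopted. The struct, constants and function names are constructed stand-ins, and the negative-index check goes beyond what Coverity reported.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for the names in the report; values are assumptions. */
#define MAX_OVERLAY     2
#define CHANNEL_INVALID ((size_t)-1)
#define DEMO_OK         0
#define DEMO_EGENERIC   (-1)

struct overlay_state {
    int    has_video_es;            /* stands in for overlay.p_video_es */
    size_t channels[MAX_OVERLAY];
};

/* Shape of the flagged code (never called here): the else path is also
 * reached when i_plane >= MAX_OVERLAY, so the assert reads past the array. */
int delete_overlay_flagged(struct overlay_state *s, int i_plane)
{
    if (s->has_video_es && i_plane < MAX_OVERLAY &&
        s->channels[i_plane] != CHANNEL_INVALID) {
        s->channels[i_plane] = CHANNEL_INVALID;
        return DEMO_OK;
    }
    assert(s->channels[i_plane] == CHANNEL_INVALID); /* index 2: out of bounds */
    return DEMO_EGENERIC;
}

/* Bounds-checked form: the index is validated before any array access. */
int delete_overlay_checked(struct overlay_state *s, int i_plane)
{
    if (i_plane < 0 || i_plane >= MAX_OVERLAY)
        return DEMO_EGENERIC;       /* rejected without touching channels[] */
    if (!s->has_video_es || s->channels[i_plane] == CHANNEL_INVALID)
        return DEMO_EGENERIC;
    s->channels[i_plane] = CHANNEL_INVALID;
    return DEMO_OK;
}

int main(void)
{
    struct overlay_state s = { 1, { 7, CHANNEL_INVALID } }; /* constructed state */
    printf("%d %d %d\n", delete_overlay_checked(&s, 0),
           delete_overlay_checked(&s, 1), delete_overlay_checked(&s, 2));
    return 0;
}
```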