Check frame handle validity before freeing buffer.

in CameraSource::releaseRecordingFrame(), validate the
VideoNativeHandleMetadata field when received. Avoid releasing
invalid handles (and thus invalid memory) if this has been
corrupted in user space.

Bug: 37662122
Test: poc before/after on nyc-mr2