DO NOT MERGE Check frame handle validity before freeing buffer.

in CameraSource::releaseRecordingFrame(), validate the
VideoNativeHandleMetadata field when received. Avoid releasing invalid
handles (and thus invalid memory) if this has been corrupted in user space.

Bug: 37662122
Test: poc before/after on nyc-mr2
Change-Id: If48c050a5c20552604a90f19130ad5837e80bf52