[custom_attrs] Add (some) bounds checking to create_custom_attr

[custom_attrs] Add (some) bounds checking to create_custom_attr

In principle, mono_verifier_verify_cattr_content should prevent malformed custom
attribute blobs from being passed in here.

In practice:

1. The verifier is not on by default

2. System.Reflection.Emit allows an arbitrary byte[] to be passed in which
   means that code like this can cause mono to read past the end of the array.

   ```
   // "1 1-byte constructor argument and then 65280 named properties follow"
   assembly.SetCustomAttribute(constructor, new byte[] { 1, 0, 1, 0x00, 0xFF });
   var attributes = assembly.GetCustomAttributes(true);
   ```