
enforce minimum FileTypeBox length in Jp2Image::readMetadata (backport #9313) #9362

Open
mergify[bot] wants to merge 1 commit into 0.28.x from mergify/bp/0.28.x/pr-9313


@mergify mergify Bot commented Jun 22, 2026

Contributor

A crafted FileTypeBox with length < 8 underflows box.length - boxHSize:

Blob boxData(box.length - boxHSize);  // 2 - 8 -> 18446744073709551610

so the vector ctor throws std::length_error instead of the contracted Exiv2 error. The uuid boxes below already guard this.


This is an automatic backport of pull request #9313 done by Mergify.
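
The underflow described in the comment above, as an added example that is not part of the pull request or of Exiv2's source: a standalone C++ model of the unsigned box-length subtraction with and without a minimum-length guard. `BoxHeader`, `kBoxHeaderSize`, `CorruptedMetadata` and the function names are hypothetical, and the sample box is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

// Hypothetical names; this models the pattern, it is not Exiv2 source.
constexpr std::size_t kBoxHeaderSize = 8;  // assumed: 4-byte length + 4-byte type

struct BoxHeader {
  std::uint32_t length;  // total box length read from the file, header included
  std::uint32_t type;
};

// Stand-in for the library's own "corrupted metadata" error (assumption).
struct CorruptedMetadata : std::runtime_error {
  CorruptedMetadata() : std::runtime_error("corrupted image metadata") {}
};

// Unchecked: length is promoted to size_t, so 2 - 8 wraps around.
std::size_t payloadSizeUnchecked(const BoxHeader& box) {
  return box.length - kBoxHeaderSize;
}

// Checked: a box shorter than its own header is rejected before subtracting.
std::size_t payloadSizeChecked(const BoxHeader& box) {
  if (box.length < kBoxHeaderSize) throw CorruptedMetadata();
  return box.length - kBoxHeaderSize;
}

enum class Outcome { Ok, LengthError, Corrupted };

// Allocate the payload buffer and report which exception, if any, escapes.
template <typename SizeFn>
Outcome allocatePayload(const BoxHeader& box, SizeFn sizeOf) {
  try {
    std::vector<std::uint8_t> data(sizeOf(box));
    return Outcome::Ok;
  } catch (const CorruptedMetadata&) {
    return Outcome::Corrupted;
  } catch (const std::length_error&) {
    return Outcome::LengthError;
  }
}

int main() {
  const BoxHeader crafted{2, 0x66747970};  // constructed input: 'ftyp' box, length 2
  std::printf("unchecked: %d\n", static_cast<int>(allocatePayload(crafted, payloadSizeUnchecked)));
  std::printf("checked:   %d\n", static_cast<int>(allocatePayload(crafted, payloadSizeChecked)));
}
```

Callers that catch only the library's own error type never see the unchecked case as a parse failure; the guard turns it into one before any size reaches the allocator.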

@mergify mergify Bot added the conflicts label Jun 22, 2026

mergify Bot commented Jun 22, 2026

Contributor Author

Cherry-pick of 7e21bf0 has failed:

On branch mergify/bp/0.28.x/pr-9313
Your branch is up to date with 'origin/0.28.x'.

You are currently cherry-picking commit 7e21bf09.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   src/jp2image.cpp

no changes added to commit (use "git add" and/or "git commit -a")

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally
