payload: assert when accessing inner transport header

payload: assert when accessing inner transport header

Instead of segfaulting due to out of bound access access to protocol
context array ctx->protocol[base].location from proto_ctx_update().

 # nft add rule filter input ah nexthdr tcp
 nft: payload.c:88: payload_expr_pctx_update: Assertion `left->payload.base + 1 <= (__PROTO_BASE_MAX - 1)' failed.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>