vorbis: make sure ch is non zero before calling vorbis_residue_decode

      This possibly makes part of the CVE-2011-3895 fix unneeded.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>