usb-host: don't dereference invalid iovecs

usb-host assumes the first iovec element is always valid.
In case of a zero-length packet this isn't true though.
Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>

hw/usb/host-linux.c

@@ -884,16 +884,16 @@ static int usb_host_handle_data(USBDevice *dev, USBPacket *p)
     }
 
     v = 0;
-    prem = p->iov.iov[v].iov_len;
-    pbuf = p->iov.iov[v].iov_base;
+    prem = 0;
+    pbuf = NULL;
     rem = p->iov.size;
     while (rem) {
         if (prem == 0) {
-            v++;
             assert(v < p->iov.niov);
             prem = p->iov.iov[v].iov_len;
             pbuf = p->iov.iov[v].iov_base;
             assert(prem <= rem);
+            v++;
         }
         aurb = async_alloc(s);
         aurb->packet = p;