go/common/cbor: Reject CBOR blobs with unknown fields

[Yawning]

Fixes #2020

[codecov]

Codecov Report

Merging #3046 into master will decrease coverage by 0.00%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #3046      +/-   ##
==========================================
- Coverage   68.67%   68.66%   -0.01%     
==========================================
  Files         370      370              
  Lines       36401    36401              
==========================================
- Hits        24997    24995       -2     
- Misses       8211     8225      +14     
+ Partials     3193     3181      -12     

Impacted Files	Coverage Δ
go/common/cbor/cbor.go	59.37% <ø> (ø)
go/consensus/tendermint/api/errors.go	86.66% <0.00%> (-13.34%)	⬇️
go/consensus/tendermint/apps/scheduler/query.go	71.05% <0.00%> (-7.90%)	⬇️
go/consensus/tendermint/apps/staking/query.go	49.09% <0.00%> (-7.28%)	⬇️
go/consensus/tendermint/apps/staking/state/gas.go	77.58% <0.00%> (-6.90%)	⬇️
go/consensus/tendermint/abci/mux.go	68.43% <0.00%> (-5.53%)	⬇️
go/registry/api/grpc.go	35.16% <0.00%> (-4.90%)	⬇️
go/staking/api/grpc.go	54.06% <0.00%> (-4.66%)	⬇️
go/storage/mkvs/insert.go	87.75% <0.00%> (-2.73%)	⬇️
go/consensus/tendermint/staking/staking.go	64.54% <0.00%> (-2.40%)	⬇️
... and 28 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9dba6d1...f97a24c. Read the comment docs.