harden(decode): fallible BufferBackend writes for direct-decode DoS protection

[polaz]

Context

PR #245 introduced FrameDecoder::decode_to_slice with
UserSliceBackend writing directly into the caller's slice. The
backend's write methods (extend, extend_and_fill,
extend_from_within_unchecked) bounds-check via debug_assert! and
a release-mode assert!. Per-block produced tracking guards FCS
overflow AFTER each block completes.

Problem

Within a single Compressed block, the burst's per-symbol writes
hit the backend write methods in a tight loop. A malformed frame
that declares a small frame_content_size AND a Compressed block
whose payload expands past the declared size will cause the burst
to write past slice.len() and panic (assert! or slice
indexing). This is a DoS surface for adversarial input — should be
a structured FrameDecoderError instead.

Proposed fix

Extend BufferBackend to support fallible writes that return
Result<(), BackendOverflow>. The UserSliceBackend impl checks
remaining capacity on every write and returns an error instead of
panicking. FlatBuf / RingBuffer keep their current panic-free
behaviour (their Vec::reserve path handles growth).

Open design questions:

• Do we add a parallel fallible API or migrate all backends?
• Cost of per-write capacity check in the HUF burst hot path?
• Could a coarser per-block pre-flight check work instead
  (e.g., refuse to enter direct path when produced + MAX_BLOCK_SIZE > content_size + WILDCOPY)?

Acceptance criteria

• Malformed Compressed block with header FCS < expanded
  payload returns FrameDecoderError::FrameContentSizeMismatch
  from decode_to_slice instead of panicking.
• Existing direct-path benchmarks regress by no more than 1%.
• Existing tests remain green.

Workaround until fix

Callers handling untrusted input must use decode_all (which
routes through FlatBuf / RingBuffer and never panics on size
mismatches).

Part of the #244 perf roadmap.

[coderabbitai]

🔗 Related PRs

#59 - perf(decoding): pre-allocate decode buffer from sequence block analysis [merged]
#60 - feat(encoding): write frame content size in encoder output [merged]
#114 - perf(decoding): port upstream extend_and_fill / extend_from_reader for RLE+Raw blocks [merged]
#194 - perf(decode): fused sequence executor + SIMD/FSE hot-path cleanup + DoS-safe rollback [merged]
#238 - perf(decode): collapse HUF 4-stream burst-gate to single-cursor olimit [merged]

---

📝 Issue Planner

_{Check the box below or use the @coderabbitai plan command to generate an implementation plan and prompts that you can use with your favorite coding assistant.}

• Create Plan

---

🧪 Issue enrichment is currently in open beta.

You can configure auto-planning by selecting labels in the issue_enrichment configuration.

To disable automatic issue enrichment, add the following to your .coderabbit.yaml:

issue_enrichment:
  auto_enrich:
    enabled: false

💬 Have feedback or questions? Drop into our discord!