THRIFT-6025: Harden Ruby protocol negative sizes

[kpumuk]

Ruby was not consistently rejecting negative sizes while reading Thrift payloads.

Size values appear in binary/string fields and in map/list/set headers. Those values must be non-negative. Before this change, malformed input could declare a negative size and reach Ruby or native C code paths that assumed the size was valid.

This was a protocol hardening gap compared with other runtimes.

Solution

This change rejects negative sizes in the Ruby library read paths.

It adds validation for:

• binary protocol map/list/set headers
• binary/string payload sizes
• JSON protocol container sizes
• BaseProtocol#skip container handling
• generated struct/union container reads
• BaseTransport#read_all
• MemoryBufferTransport#read_all
• native accelerated binary protocol and struct paths

The native memory buffer path also gets a direct read_all implementation so the added guard does not force hot binary reads through the slower generic transport path.

The public protocol interface stays unchanged.

Performance

Pure Ruby benchmark, helper-call baseline vs inline guard:

rb-bin-read-large  -3.39%
rb-bin-read-small  -2.01%

Native-enabled sanity run:

c-bin-read-large   +1.18%  (3-sample noisy run)
c-bin-read-small   -1.25%
rb-bin-read-large  -1.00%
rb-bin-read-small  -1.01%

• Did you create an Apache Jira ticket? THRIFT-6025
• If a ticket exists: Does your pull request title follow the pattern "THRIFT-NNNN: describe my issue"?
• Did you squash your changes to a single commit? (not required, but preferred)
• Did you do your best to avoid breaking changes? If one was needed, did you label the Jira ticket with "Breaking-Change"?
• If your change does not involve any code, include [skip ci] anywhere in the commit message to free up build resources.