Correct a potential comment length sanity check overflow.
Commit additional hardening to comment packet decode.

Also add allocation checks, since these can still run us out of address space
 if someone actually sends a GB or two of comment data.

[Import parts of changes from Tremor (69dfba92 2010-10-13)]