[COPY OF #24434] pp_accept: fix potential out-of-bounds read on oversized accept() addrlen

[crystarm]

COPY OF #24434

Summary: This PR fixes a potential out-of-bounds read in pp_accept (pp_sys.c).

Problem: PerlSock_accept_cloexec() (via accept()/accept4()) can return an addrlen larger than the supplied buffer size when the peer address is truncated. The previous code used the returned len directly in PUSHp(namebuf, len).

Fix: Clamp len to sizeof(namebuf) before calling PUSHp.

Impact: No behavior change for valid lengths. Prevents reading past namebuf when addrlen is oversized.

Context: Change was motivated by static analysis finding. BUFFER_OVERFLOW.PROC pp_sys.c:[2631:10].log

This set of changes does not require a perldelta entry.

[ap]

Readers note that a number of relevant comments in #24434 when it was closed which now still need addressing. (GitHub will not allow re-opening that PR, unfortunately, otherwise we would have done so; instead it is on readers here to take note of the comments there.)

[tonycoz]

There's two issues I see:

• leont suggested this should warn if the address is truncated, and I think that is reasonable.

• you followed my suggestion to combine the declaration and initialization, but I was wrong to do so for pp_getpeername since it broke C++ builds, so the namesize declaration needs to be above the goto nutz, pretty much where you originally had it. Sorry about that.

[crystarm]

I added a W io warning when socket address lengths are truncated (accept, recvfrom, getpeername/getsockname), moved namesize in pp_getpeername above early goto paths for C++ build compatibility, and documented the new warning in pod/perldiag.pod.

[tonycoz]

You don't need to setup opname like this, you can use OP_NAME(PL_op) to get the operator name.