dissect: guard against ssize_t overflow in LUKS2 header parser (#42162)

The `json_len` variable in `partition_is_luks2_integrity()` is
`ssize_t`, but the subtraction `be64toh(header.hdr_len) -
LUKS2_FIXED_HDR_SIZE` can yield a value exceeding `SSIZE_MAX` when
`hdr_len` is a large crafted value. This causes signed integer overflow
and a subsequent oversized `malloc()` that fails with `-ENOMEM`,
producing a misleading out-of-memory error instead of a clear
invalid-header rejection.

Two call sites pass `size = UINT64_MAX`, which neutralizes the existing
`hdr_len > size` guard.

Add an explicit check against `SSIZE_MAX` before the cast to `ssize_t`.