[SECURITY] Unsigned integer underflow in CFE_SB_GetUserDataLength returns SIZE_MAX-class value for malformed messages, enabling OOB read in downstream consumers