public/schema: bound fractional digits in canonical decimal parser

len(fracPart) is a 64-bit int. The downstream casts to int32 (the scale
type) in ParseDecimal and ParseBigDecimal would wrap silently on a
fractional part longer than math.MaxInt32 — the BigDecimal path would
return a negative scale and the Decimal path would short-circuit its
"exceeds scale" check.

Bound the fractional length in parseCanonicalDecimal with an explicit
error so both parsers fail loudly rather than returning corrupt output.

Author: Jeffail

public/schema/decimal.go

@@ -5,6 +5,7 @@ package schema
 import (
 	"errors"
 	"fmt"
+	"math"
 	"math/big"
 	"strings"
 )
@@ -168,6 +169,14 @@ func parseCanonicalDecimal(s string) (sign, intPart, fracPart string, err error)
 		return "", "", "", err
 	}
 
+	// Cap the fractional length so callers downstream can safely cast it to
+	// the int32 scale type without silent wrap-around. The integer part is
+	// not bounded here — its length only feeds big.Int.SetString, which
+	// handles arbitrary lengths correctly (if slowly).
+	if len(fracPart) > math.MaxInt32 {
+		return "", "", "", fmt.Errorf("decimal string has %d fractional digits, exceeds maximum %d", len(fracPart), math.MaxInt32)
+	}
+
 	return sign, intPart, fracPart, nil
 }