
Harden Amiga CF2 sprite loading against palette and RAW OOB access#121

Closed
segrax wants to merge 1 commit into master from codex/fix-memory-corruption-in-cf2-sprite-loader


Conversation


@segrax segrax commented May 24, 2026

Motivation

  • A CF2 Amiga map/sprite loader feeds user-supplied .PAL and .RAW assets into legacy helpers that assumed well-formed inputs, allowing oversized palette data to write past a fixed 256-entry palette and undersized RAWs to trigger out-of-bounds reads/crashes during sprite drawing.
  • The change prevents local malicious or malformed data packs from causing memory corruption or crashes by validating lengths before use.

Description

  • Clamp sImage::LoadPalette_Amiga() writes to the fixed 256-entry palette by bounding the number of colors read and early-returning when pStartColorID is out of range, preventing out-of-bounds palette writes; changed in Source/Graphics.hpp (LoadPalette_Amiga).
  • Validate .RAW buffer size in cGraphics_Amiga2::GetImage() and reject undersized decoded images before they are used, preventing downstream reads from truncated image buffers; changed in Source/Amiga/Graphics_Amiga2.cpp (GetImage).
  • After the CF2-specific height overrides in cGraphics_Amiga2::Map_Load_Resources(), add a size check for the loaded sprite sheets and drop invalid sheets to avoid later sprite-drawing OOB accesses; changed in Source/Amiga/Graphics_Amiga2.cpp (Map_Load_Resources).

Testing

  • Attempted a full CMake configure/build with cmake -S . -B build && cmake --build build -j2, but configuration fails in this environment due to a missing SDL3 development package (SDL3Config.cmake/sdl3-config.cmake), so an end-to-end build could not be completed.
  • No automated unit tests were present or run in this environment; the fix is intentionally minimal and localized to the three functions to preserve existing behavior while preventing OOB reads/writes.

Codex Task
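The two validations the description lists (bounding palette writes to the fixed 256-entry palette with an early return on an out-of-range start index, and rejecting undersized .RAW buffers before they are drawn), written out as an added illustrative C++ example; this is not the project's code, and the .PAL entry layout (16-bit big-endian 0x0RGB words) and the planar .RAW size formula are assumptions.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>

// Hypothetical stand-ins for the loader's types (assumptions, not the project's own declarations).
struct Rgb { std::uint8_t r, g, b; };
constexpr std::size_t kPaletteSize = 256;          // the fixed 256-entry palette the PR describes
using Palette = std::array<Rgb, kPaletteSize>;

// Loads up to requestedColors entries from a .PAL buffer into pal, starting at startColorId.
// Assumption: each entry is a 16-bit big-endian word holding 4-bit R, G, B (0x0RGB).
// Returns the number of entries written; 0 when startColorId is already out of range.
std::size_t LoadPaletteBounded(Palette& pal, const std::uint8_t* data, std::size_t len,
                               std::size_t startColorId, std::size_t requestedColors) {
    if (startColorId >= kPaletteSize)
        return 0;                                   // early return: start index past the table
    std::size_t colors = requestedColors;
    if (colors > kPaletteSize - startColorId)
        colors = kPaletteSize - startColorId;       // clamp so writes stay inside the 256 entries
    const std::size_t available = len / 2;          // whole entries actually present in the input
    if (colors > available)
        colors = available;                         // never read past the end of the buffer
    for (std::size_t i = 0; i < colors; ++i) {
        const std::uint16_t w = static_cast<std::uint16_t>((data[2 * i] << 8) | data[2 * i + 1]);
        // scale the 4-bit channels to 8 bits (0xF -> 0xFF)
        pal[startColorId + i] = { static_cast<std::uint8_t>(((w >> 8) & 0xF) * 17),
                                  static_cast<std::uint8_t>(((w >> 4) & 0xF) * 17),
                                  static_cast<std::uint8_t>((w & 0xF) * 17) };
    }
    return colors;
}

// Checks that a decoded .RAW buffer is large enough for a planar image of the given geometry.
// Assumption: Amiga-style bitplanes, one bit per pixel per plane, rows padded to whole bytes.
bool RawImageSizeOk(std::size_t rawLen, std::size_t width, std::size_t height, std::size_t planes) {
    if (width == 0 || height == 0 || planes == 0)
        return false;                               // degenerate geometry is rejected outright
    const std::size_t rowBytes = width / 8 + (width % 8 != 0 ? 1 : 0); // no (width + 7) wraparound
    if (rowBytes > SIZE_MAX / height)
        return false;                               // rowBytes * height would overflow size_t
    const std::size_t planeBytes = rowBytes * height;
    if (planeBytes > SIZE_MAX / planes)
        return false;                               // planeBytes * planes would overflow size_t
    return rawLen >= planeBytes * planes;           // undersized buffers are rejected
}
```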

@segrax segrax closed this May 24, 2026
@segrax segrax deleted the codex/fix-memory-corruption-in-cf2-sprite-loader branch May 24, 2026 02:35
