fix: unbound allocation

When reading an array, if the length is near int.MaxValue,
the if would overflow and the condition would allow it to proceed.

This fixes the potential attack vector

Assets/Mirror/Runtime/NetworkReader.cs

@@ -426,7 +426,7 @@ public static T[] ReadArray<T>(this NetworkReader reader)
             int length = reader.ReadPackedInt32();
             if (length < 0)
                 return null;
-            if (reader.Position + length > reader.Length)
+            if (length > reader.Length - reader.Position)
                 throw new EndOfStreamException("Can't read " + length + " elements because it would read past the end of the stream. ");
             var result = new T[length];
             for (int i = 0; i < length; i++)