`visit_map` unbounded alloc

[wpt-oai]

While fuzzing some code that used a serialized DashMap I found that the serde implementation does not bound the allocations for visit_map (location: https://github.com/xacrimon/dashmap/blob/master/src/serde.rs#L41-L42)

Example reproduction:

use dashmap::DashMap;

#[derive(Debug, serde::Deserialize)]
pub struct Test {
    pub map: DashMap<String, String>,
}

fn main() {
    let data = &[159, 223, 255, 255, 255, 255];
    let test: Test = rmp_serde::from_slice(data).unwrap();
    println!("{:?}", test);
}

When executing this code with a resource-monitoring tool such as /usr/bin/time -v cargo run (or -l flag on macOS), the total resident memory usage becomes very large.

For reference, other map serde implementations and serde itself typically include safety bounds to limit maximum allocation sizes. Examples can be seen here:
IndexMap serde implementation
Serde size hint implementation

In memory-constrained environments, the lack of such bounds in DashMap could potentially lead to Out-of-Memory (OOM) situations.

A somewhat related issue can be found here: 3Hren/msgpack-rust#151