s3tables: Add upper bound validation for MaxBuckets parameter

MaxBuckets is user-controlled and used in uint32(maxBuckets*2) for ListEntries.
Very large values can overflow uint32 or trigger overly expensive scans. Cap
MaxBuckets to 1000 and reject out-of-range values, consistent with MaxTables
handling and S3 MaxKeys validation elsewhere in the codebase.

weed/s3api/s3tables/handler_bucket_get_list_delete.go

@@ -101,6 +101,12 @@ func (h *S3TablesHandler) handleListTableBuckets(w http.ResponseWriter, r *http.
 	if maxBuckets <= 0 {
 		maxBuckets = 100
 	}
+	// Cap to prevent uint32 overflow when used in uint32(maxBuckets*2)
+	const maxBucketsLimit = 1000
+	if maxBuckets > maxBucketsLimit {
+		h.writeError(w, http.StatusBadRequest, ErrCodeInvalidRequest, "MaxBuckets exceeds maximum allowed value")
+		return fmt.Errorf("invalid maxBuckets value: %d", maxBuckets)
+	}
 
 	var buckets []TableBucketSummary