contentenc: catch integer underflow in file size calculation

If you truncate a ciphertext file to 19 bytes, you could get the
impression that the plaintext is 18446744073709551585 bytes long,
as reported by "ls -l".

Fix it by clamping the value to zero.

internal/contentenc/offsets.go

@@ -54,6 +54,11 @@ func (be *ContentEnc) CipherSizeToPlainSize(cipherSize uint64) uint64 {
 
 	overhead := be.BlockOverhead()*blockCount + HeaderLen
 
+	if overhead > cipherSize {
+		tlog.Warn.Printf("cipherSize %d < overhead %d: corrupt file\n", cipherSize, overhead)
+		return 0
+	}
+
 	return cipherSize - overhead
 }