Remove all uses of alloca() from this module. The alloca() return value

isn't checked, and it *is* possible that a very large alloca() call is
made, e.g. when a large registry value is being read.  I don't know if
alloca() in that case returns NULL or returns a pointer pointing outside
the stack, and I don't want to know -- I've simply replaced all calls to
alloca() with either PyMem_Malloc() or PyString_FromStringAndSize(NULL,)
as appropriate, followed by a size check.  This addresses SF buf 851056.
Will backport to 2.3 next.