The "too small to fail" memory-allocation rule

I have never seen this rule (or at least not in that form). What I have seen is a guideline that hints that the code protected by a lock should be as small and straightforward as possible.

Your rule actually makes a lot of sense. Locks exists to ensure concurrent access to a shared resource in a coherent way. If you're calling "foreign" code, then your code is not just accessing the shared resource, and thus it is protecting too much. Probably the "right" thing to do is to move all resource allocations (including memory) outside the lock scope, and only acquire the lock once all the needed resources are ready.