Reject createImageBitmap promise when the cropRect or resize is too big

At this moment, creating an ImageBitmap has several options such as flipY
and premultiplyAlpha = false. So in some cases, we would have to convert
the premultiplied input to unpremul format, and that involves allocating
new memory. To prevent any potential integer overflow or OOM situation,
this CL checks the size of the cropRect and the resizeWidth(resizeHeight),
if the width * height * bytesPerPixel is larger than size_t range, we reject
the promise. By doing the check at the beginning of each ImageBitmap constructor,
we can guarantee that the subsequent multiplication of
width * height * bytesPerPixel will not overflow.

This CL also correct other places where there could be
potential integer overflow. In particular, since we have checked at
the beginning of each ImageBitmap constructor, it should be safe
to use size_t for any computation of width * height in the code.

TBR=kbr@chromium.org, haraken@chromium.org
BUG=638615
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel

Review-Url: https://codereview.chromium.org/2249853008
Cr-Commit-Position: refs/heads/master@{#414687}
8 files changed