integer overflow hardening in input-derived arithmetic

[metsw24-max]

This patch improves the safety of integer arithmetic in args.hxx, focusing on computations derived from external or user-controlled input.

It introduces reusable checked-arithmetic helpers (SafeAdd and SafeMultiply) to explicitly validate boundary conditions before performing arithmetic operations, preventing silent integer overflow and wraparound.

These helpers are applied to key input-sensitive code paths, including formatting and parsing logic:

Changes in Core Logic

• In Wrap(), width calculation arithmetic is hardened to prevent overflow during formatting operations.
• In ArgumentParser::Parse(), bash completion index arithmetic is updated to use checked addition instead of unchecked integer operations.

Testing

A regression test suite (test/safe_arithmetic.cxx) is also added to validate correctness under edge cases, including:

• Integer boundary conditions
• Signed and unsigned overflow scenarios
• Large and malformed input values
• Multiplication edge cases involving extreme integer limits

Overall, this change improves the robustness and auditability of integer arithmetic by centralizing overflow protection into reusable utilities and applying them consistently across input-derived computation paths.

[Taywee]

Not bad. I don't see SafeMultiply used anywhere, and SafeAdd is only going to kick in even on 32-bit architectures with command lines over 4GiB large, which are impossible for most systems. Might be slightly over-defensive, but it's not going to hurt anything. I'll merge it in.