Harden integer conversions and arithmetic in HwmfBitmapDib, AggregateFunction, and DStarRunner

[sahvx655-wq]

This PR hardens integer conversions in HwmfBitmapDib, AggregateFunction, and DStarRunner by replacing narrowing casts with safe conversion methods that fail fast on overflow instead of silently truncating values.
HwmfBitmapDib

• Replace (int) Math.max(imageData.length, introSize + headerImageSize) with Math.toIntExact(...).
• Prevents silent truncation when image size calculations exceed the integer range.

AggregateFunction

• Replace (int) Math.ceil(dn) with MathUtil.safeDoubleToInt(...).
• Uses POI's existing utility method to validate double-to-int conversions.
  DStarRunner
• Replace (int) Math.round(...) with Math.toIntExact(...).
• Prevents silent overflow when converting rounded long values to int.

These changes preserve existing behavior for valid inputs while improving safety and consistency with recent integer-conversion hardening updates across the codebase.
Executed the relevant test suites:
bash
./gradlew :poi:test :poi-scratchpad:test -PjdkVersion=17

• 7270 tests executed
• 0 failures
• 30 skipped

[pjfanning]

@sahvx655-wq don't merge branches like this - I now have to run the build again manually

every time you change this PR, I need to approve the CI run again

[sahvx655-wq]

Sorry about that, and thanks for the feedback. I'll avoid merging trunk into my feature branches going forward.

[pjfanning]

lgtm