Potential Integer Overflow at function insertPitchPeriod

[spearo2]

Dear authors,
There exists a potential integer overflow at the function insertPitchPeriod at

sonic/sonic.c

Line 1056 in 8694c59

if (!enlargeOutputBufferIfNeeded(stream, period + newSamples)) {

caused by period + newSamples which can lead to an allocation error at sonic.c:465:37 enlargeOutputBufferIfNeeded.

sonic/sonic.c

Lines 460 to 469 in 8694c59

	static int enlargeOutputBufferIfNeeded(sonicStream stream, int numSamples) {
	int outputBufferSize = stream->outputBufferSize;
	if (stream->numOutputSamples + numSamples > outputBufferSize) {
	stream->outputBufferSize += (outputBufferSize >> 1) + numSamples;
	stream->outputBuffer = (short*)sonicRealloc(
	stream->outputBuffer,
	outputBufferSize,
	stream->outputBufferSize,
	sizeof(short) * stream->numChannels);

When the sum overflows, the argument numSamples becomes a negative value.
The allocation function potentially fails because the if guard at sonic.c:463 fails to filter the value of outputBufferSize.

A possible fix suggestion would be adding an additional safety function and using it before calling the function.
For example,

size_t sonicSafeAdd(size_t a, size_t b) {
    size_t sum = a + b;
    if (sum >= SIZE_MAX || sum < a) {
        /// handle exit
    }
    return sum;
}

Could be used as

- enlargeOutputBufferIfNeeded(stream, (newSamples + period); 
+ enlargeOutputBufferIfNeeded(stream, (sonicSafeAdd(newSamples, period));

Thank you