spa: Bounds-check pointers before dereferencing them

Add a new overflow-safe function to check if region p2 of size s2 fits completely in p1 of size s1 and, if it does, return the amount of bytes in p1 that come after the end of p2. Use this to bounds check the pod iterators while ensuring that the pointer is bounds checked before being dereferenced.

Also check that SPA POD structs, objects, and sequences have a total length that is a multiple of 8 bytes, so that rounding in the _next() functions does not cause problems.

Fixes: 92ac9a35 ("spa: add spa_ptrinside") Signed-off-by: Demi Marie Obenour demiobenour@gmail.com