Check the multiplication for overflow in `PartitionCalloc`.

Bug: 1159070
Change-Id: Iac9fd2741a4617e2dffa5add06497319a57795a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2594113
Commit-Queue: Chris Palmer <palmer@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Reviewed-by: Bruce Dawson <brucedawson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#837298}

base/allocator/allocator_shim_default_dispatch_to_partition_alloc.cc

@@ -12,6 +12,7 @@
 #include "base/allocator/partition_allocator/partition_stats.h"
 #include "base/bits.h"
 #include "base/no_destructor.h"
+#include "base/numerics/checked_math.h"
 #include "build/build_config.h"
 
 #if defined(OS_LINUX) || defined(OS_CHROMEOS)
@@ -134,7 +135,8 @@ void* PartitionCalloc(const AllocatorDispatch*,
                       size_t n,
                       size_t size,
                       void* context) {
-  return Allocator()->AllocFlagsNoHooks(base::PartitionAllocZeroFill, n * size);
+  const size_t total = base::CheckMul(n, size).ValueOrDie();
+  return Allocator()->AllocFlagsNoHooks(base::PartitionAllocZeroFill, total);
 }
 
 void* PartitionMemalign(const AllocatorDispatch*,