
#1302 harden memcore/heap boundary checks against arithmetic overflow

21.11.5
open
None
OSLIB
Low
21.11.4
True
2026-03-18
2026-03-18
No

The OSLIB allocators need stronger bounds handling on arithmetic edge cases.

Two issues were addressed:

  1. chCoreAllocFromBaseI() and chCoreAllocFromTopI() in chmemcore.c were
     performing derived-address arithmetic before validating the request. With
     extreme size or offset values, this could produce out-of-range pointer
     arithmetic before the guard code rejected the allocation.
  2. chHeapAllocAligned() in chmemheaps.c rounded the size with MEM_ALIGN_NEXT()
     before checking for overflow. Near-SIZE_MAX requests could wrap during
     rounding, derive an invalid pages count, and corrupt heap metadata during
     block splitting.

The fix moves memcore calculations into integer space (uintptr_t) until bounds
are verified, and adds an explicit overflow check before converting heap
request size into allocation pages.
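The two patterns described in this ticket, as an added example in C that is not ChibiOS code and does not reproduce the actual chmemcore.c / chmemheaps.c changes: an align-up macro written in the style of MEM_ALIGN_NEXT() that wraps for sizes just below SIZE_MAX, the page-count derivation before and after an explicit overflow check, and a core-style region allocator that keeps its bookkeeping in uintptr_t and only derives an address once the request is proven to fit. The alignment, the page size, the 64-byte region and all ex_* names are assumptions chosen for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Alignment and page size are assumptions for this example, not OSLIB values. */
#define EX_ALIGN     8u
#define EX_PAGE_SIZE 16u

/* Round-up macro in the style of MEM_ALIGN_NEXT(): wraps silently near SIZE_MAX. */
#define EX_ALIGN_NEXT(n) (((n) + (EX_ALIGN - 1u)) & ~(size_t)(EX_ALIGN - 1u))

/* Heap-side, "before": round first, derive pages second. A size just below
 * SIZE_MAX wraps to a tiny rounded value and yields a bogus page count. */
size_t ex_pages_unchecked(size_t size) {
    size_t rounded = EX_ALIGN_NEXT(size);
    return (rounded + (EX_PAGE_SIZE - 1u)) / EX_PAGE_SIZE;
}

/* Heap-side, "after": refuse any size whose rounding would wrap, then derive
 * the page count with a division that cannot overflow. */
bool ex_pages_checked(size_t size, size_t *pages) {
    if (size > SIZE_MAX - (EX_ALIGN - 1u)) {
        return false;                      /* rounding would wrap */
    }
    size_t rounded = EX_ALIGN_NEXT(size);
    *pages = rounded / EX_PAGE_SIZE + ((rounded % EX_PAGE_SIZE) != 0u);
    return true;
}

/* Core-side: a region tracked as integers. No pointer is formed from a
 * request until the request has been proven to fit in [base, top). */
typedef struct {
    uintptr_t base;   /* lowest free address */
    uintptr_t top;    /* one past the highest free address */
} ex_core_t;

void ex_core_init(ex_core_t *c, void *mem, size_t len) {
    c->base = (uintptr_t)mem;
    c->top  = (uintptr_t)mem + len;
}

/* Shared validation: align the request and compare it with the free span.
 * Both steps happen in integer space, before any address is derived. */
static bool ex_core_fits(const ex_core_t *c, size_t size, size_t *aligned) {
    if (size > SIZE_MAX - (EX_ALIGN - 1u)) {
        return false;                      /* rounding would wrap */
    }
    *aligned = EX_ALIGN_NEXT(size);
    return *aligned <= c->top - c->base;   /* free span itself never wraps */
}

void *ex_core_alloc_from_base(ex_core_t *c, size_t size) {
    size_t n;
    if (!ex_core_fits(c, size, &n)) {
        return NULL;
    }
    void *p = (void *)c->base;             /* address derived only after the check */
    c->base += n;
    return p;
}

void *ex_core_alloc_from_top(ex_core_t *c, size_t size) {
    size_t n;
    if (!ex_core_fits(c, size, &n)) {
        return NULL;
    }
    c->top -= n;
    return (void *)c->top;
}

/* Scripted sequence over a constructed 64-byte region; returns how many
 * requests were granted (3: 24 from base, 24 from top, the final 16 from base). */
size_t ex_demo_core(void) {
    static uint8_t region[64];
    ex_core_t c;
    ex_core_init(&c, region, sizeof region);
    size_t granted = 0;
    granted += ex_core_alloc_from_base(&c, 24) != NULL;       /* 40 bytes left */
    granted += ex_core_alloc_from_top(&c, 24) != NULL;        /* 16 bytes left */
    granted += ex_core_alloc_from_base(&c, 24) != NULL;       /* refused: 24 > 16 */
    granted += ex_core_alloc_from_base(&c, SIZE_MAX) != NULL; /* refused: would wrap */
    granted += ex_core_alloc_from_base(&c, 16) != NULL;       /* exact fit */
    return granted;
}

int main(void) {
    size_t pages = 0;
    printf("unchecked pages for SIZE_MAX: %zu\n", ex_pages_unchecked(SIZE_MAX));
    printf("checked SIZE_MAX accepted: %d\n", ex_pages_checked(SIZE_MAX, &pages));
    printf("checked 100 -> %zu pages\n", ex_pages_checked(100, &pages) ? pages : 0);
    printf("core requests granted: %zu\n", ex_demo_core());
    return 0;
}
```

The unchecked path turns a SIZE_MAX request into zero pages, which is exactly the kind of value that lets a later block split walk off the end of the heap metadata; the checked path rejects it before rounding. On the core side the only subtraction that ever runs is `top - base`, which is always in range for a valid region, so no intermediate pointer outside the region is ever computed.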

Discussion
