Fix heap-buffer-overflow in constant_pad_nd with overflow-safe bounds checking

[psiddh]

Summary: Fix fuzzer-discovered heap-buffer-overflow (T250636018) in the constant_pad_nd kernel. The bounds checking was missing the actual output buffer end pointer and used arithmetic that could overflow with crafted inputs. This adds proper out_data_end tracking and rewrites the bounds checks to use overflow-safe division instead of potentially-overflowing multiplication.

Differential Revision: D90188241

[pytorch-bot]

🔗 Helpful Links

🧪 See artifacts and rendered test results at hud.pytorch.org/pr/pytorch/executorch/16468

• 📄 Preview Python docs built from this PR

Note: Links to docs will display an error until the docs builds have been completed.

✅ You can merge normally! (1 Unrelated Failure)

As of commit 7e49886 with merge base b031287 ():

UNSTABLE - The following job is marked as unstable, possibly due to flakiness on trunk:

• pull / android / run-emulator (gh) (#16137)
  Process completed with exit code 1.

This comment was automatically generated by Dr. CI and updates every 15 minutes.

[meta-codesync]

@psiddh has exported this pull request. If you are a Meta employee, you can view the originating Diff in D90188241.

[github-actions]

This PR needs a release notes: label

If your change should be included in the release notes (i.e. would users of this library care about this change?), please use a label starting with release notes:. This helps us keep track and include your important work in the next release notes.

To add a label, you can comment to pytorchbot, for example
@pytorchbot label "release notes: none"

For more information, see
https://github.com/pytorch/pytorch/wiki/PyTorch-AutoLabel-Bot#why-categorize-for-release-notes-and-how-does-it-work.