Fix buffer overflow in AudioBuffer::copyFromChannel

[pilgrim-brave]

Resolves brave/brave-browser#9552

Submitter Checklist:

• Submitted a ticket for my issue if one did not already exist.
• Used Github auto-closing keywords in the commit message.
• Added/updated tests for this change (for new code or code which already has tests).
• Verified that these changes build without errors on
  • Android
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that these changes pass automated tests (unit, browser, security tests) on
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that all lint errors/warnings are resolved (npm run lint)
• Ran git rebase master (if needed).
• Ran git rebase -i to squash commits (if needed).
• Tagged reviewers and labelled the pull request as needed.
• Request a security/privacy review as needed.
• Add appropriate QA labels (QA/Yes or QA/No) to include the closed issue in milestone
• Public documentation has been updated as necessary. For instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Custom-Headers
  • https://github.com/brave/brave-browser/wiki/Web-compatibility-issues-with-tracking-protection
  • https://github.com/brave/brave-browser/wiki/QA-Guide

Test Plan:

1. Visit this url-> https://immediate-maroon-playground.glitch.me/
2. Click "Crash" button. If tab crashes with "Aw snap" message, bug exists.
3. If nothing visible happens, bug is fixed.

Reviewer Checklist:

• New files have MPL-2.0 license header.
• Request a security/privacy review as needed.
• Adequate test coverage exists to prevent regressions
• Verify test plan is specified in PR before merging to source

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on.
• All relevant documentation has been updated.

[pilgrim-brave]

Test is here: #5428

Separated because the test is blocked on a separate (seemingly unrelated) issue.

[pilgrim-brave]

Merging with @bridiver's approval even though it failed CI because it looks like it's an unrelated network error on Mac. It passed on all other platforms and passed locally on my Mac.

[kjozwiak]

Reproduced the issue on macOS 10.15.4 x64 using the following build:

Brave | 1.10.22 Chromium: 81.0.4044.129 (Official Build) nightly (64-bit)
--- | ---
Revision | 3d71af9f5704a40b85806f4d08925db24605ba25-refs/branch-heads/4044@{#979}
OS | macOS Version 10.15.4 (Build 19E287)

Verification PASSED on macOS 10.15.4 x64 using the following build:

Brave | 1.10.24 Chromium: 81.0.4044.129 (Official Build) nightly (64-bit)
--- | ---
Revision | 3d71af9f5704a40b85806f4d08925db24605ba25-refs/branch-heads/4044@{#979}
OS | macOS Version 10.15.4 (Build 19E287)

Couldn't reproduce the crash using the STR outlined via #5427 (comment).

[BrendanEich]

dst[i] = dst[i] * fudge_factor; \
No one loves *= any more. (I am old C hacker.)