Use saturating_mul when multiplying feerates by the fee spike buf

[TheBlueMatt]

In theory a channel's feerate could be set to some absurd value (millions of satoshis per vB) and we'd overflow the fee spike buffer, accepting the absurd fee and ignoring our fee spike buffer check. This is harmless - the counterparty has much easier ways of bricking the channel if they want, and paying several BTC in fees is probably not the best way. Our commitment transaction and dust fee exposure logic all correctly map the u32 to a u64 before multiplying, making them overflow-safe.

Still, its good to fix overflows because it is a remotely-reachable crash in debug builds.

Reported by Jordan Mecom of Block's Security Team

[ldk-reviews-bot]

I've assigned @wpaulino as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

[ldk-claude-review-bot]

I've reviewed the full diff and surrounding context. The three saturating_mul changes are correct: saturation to u32::MAX produces conservative behavior (over-estimating fees, rejecting HTLCs) in all three call sites, which is the safe direction. The prior review already noted the fuzz code in chanmon_consistency.rs.

No new issues found.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.97%. Comparing base (2ebc372) to head (b98d7b8).
⚠️ Report is 13 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4554      +/-   ##
==========================================
- Coverage   87.01%   86.97%   -0.05%     
==========================================
  Files         163      163              
  Lines      108682   108683       +1     
  Branches   108682   108683       +1     
==========================================
- Hits        94572    94524      -48     
- Misses      11631    11678      +47     
- Partials     2479     2481       +2     

Flag	Coverage Δ
fuzzing	40.26% <100.00%> (+0.02%)	⬆️
tests	86.06% <100.00%> (-0.04%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[tnull]

Looking forward to get rid of the entire class of bug by migrating to FeeRate in v0.4. :)