integer overflow in bmp writer.

[plugwash]

While writing up https://github.com/image-rs/image/issues/1707 I noticed that the calculation of image_size in encode_with_palette is protected against integer overflow but the calculation of file_size is not.

Therefore, if i'm reading the code right, while an image with 2³² or more bytes of image data will produce an error an image with slightly less than 2³² bytes of image data will result in a panic in debug mode or the creation of a bmp file with a bogus file_size value in the header in release mode.