SNDSTIOC_ADD_USER_DEVS* expects a user-supplied sndstioc_nv_arg struct,
however we currently do not check whether sndstioc_nv_arg->nbytes is actually valid,
which results in a panic when SNDSTIOC_ADD_USER_DEVS* is called with an
invalid size. sndstat_add_user_devs() calls
sndstat_unpack_user_nvlbuf(), which then calls malloc() with that size.
Even though this bug is related to SNDSTIOC_ADD_USER_DEVS, add these
checks in sndstat_ioctl() for robustness.
PR: 266142
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
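
Added example, not part of the commit and not FreeBSD code: a userland C model of rejecting a caller-supplied nbytes before it reaches the allocator. The names nv_arg_model, MODEL_NVLBUF_MAX and unpack_checked are hypothetical, the cap is an assumed value (the message does not state the real bound), and memcpy() stands in for copyin().

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Userland stand-in for the ioctl argument named in the commit message. */
struct nv_arg_model {
	size_t nbytes;	/* caller-controlled length */
	void *buf;	/* caller-controlled pointer */
};

/* Assumed cap for this sketch only; the page does not state the real bound. */
#define MODEL_NVLBUF_MAX ((size_t)64 * 1024)

/*
 * Validate the caller-supplied size before allocating or copying.
 * Returns 0 and stores a private copy in *out, or returns an errno value
 * and leaves *out NULL.
 */
int
unpack_checked(const struct nv_arg_model *arg, void **out)
{
	void *copy;

	*out = NULL;
	if (arg == NULL || arg->buf == NULL)
		return (EINVAL);
	/* Zero and oversized lengths are rejected before any allocation. */
	if (arg->nbytes == 0 || arg->nbytes > MODEL_NVLBUF_MAX)
		return (EINVAL);
	copy = malloc(arg->nbytes);
	if (copy == NULL)
		return (ENOMEM);
	memcpy(copy, arg->buf, arg->nbytes);	/* models copyin() */
	*out = copy;
	return (0);
}
```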