jpeg2000: Validate block lengthinc

Currently we are using an array with a static data size.

Similar to a patch with the same purpose by Michael Niedermayer.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

libavcodec/jpeg2000dec.c

@@ -663,6 +663,12 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s,
             cblk->lblock += llen;
             if ((ret = get_bits(s, av_log2(newpasses) + cblk->lblock)) < 0)
                 return ret;
+            if (ret > sizeof(cblk->data)) {
+                avpriv_request_sample(s->avctx,
+                                      "Block with lengthinc greater than %zu",
+                                      sizeof(cblk->data));
+                return AVERROR_PATCHWELCOME;
+            }
             cblk->lengthinc = ret;
             cblk->npasses  += newpasses;
         }