Merge to M46: upgrade openjpeg to commit# cf352af

third_party/libopenjpeg20/0001-image-data.patch

Index: third_party/libopenjpeg20/0001-image-data.patch
diff --git a/third_party/libopenjpeg20/0001-image-data.patch b/third_party/libopenjpeg20/0001-image-data.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5ae0149538c276fc2b3f0bcdf31ca7675e399332
--- /dev/null
+++ b/third_party/libopenjpeg20/0001-image-data.patch
@@ -0,0 +1,26 @@
+diff --git a/third_party/libopenjpeg20/j2k.c b/third_party/libopenjpeg20/j2k.c
+index e612d06..d515798 100644
+--- a/third_party/libopenjpeg20/j2k.c
++++ b/third_party/libopenjpeg20/j2k.c
+@@ -8148,11 +8148,16 @@ static OPJ_BOOL opj_j2k_update_image_data (opj_tcd_t * p_tcd, OPJ_BYTE * p_data,
+ 
+                 /* Allocate output component buffer if necessary */
+                 if (!l_img_comp_dest->data) {
+-
+-                        l_img_comp_dest->data = (OPJ_INT32*) opj_calloc((OPJ_SIZE_T)l_img_comp_dest->w * (OPJ_SIZE_T)l_img_comp_dest->h, sizeof(OPJ_INT32));
+-                        if (! l_img_comp_dest->data) {
+-                                return OPJ_FALSE;
+-                        }
++                    OPJ_UINT32 width = l_img_comp_dest->w;
++                    OPJ_UINT32 height = l_img_comp_dest->h;
++                    const OPJ_UINT32 MAX_SIZE = UINT32_MAX / sizeof(OPJ_INT32);
++                    if (height == 0 || width > MAX_SIZE / height) {
++                        return OPJ_FALSE;
++                    }
++                    l_img_comp_dest->data = (OPJ_INT32*)opj_calloc(width * height, sizeof(OPJ_INT32));
++                    if (!l_img_comp_dest->data) {
++                        return OPJ_FALSE;
++                    }
+                 }
+ 
+                 /* Copy info from decoded comp image to output image */