Make sure there are enough channels to check for opacity

[vrabaud]

Pull Request Readiness Checklist

See details at https://github.com/opencv/opencv/wiki/How_to_contribute#making-a-good-pull-request

• I agree to contribute to the project under Apache 2 License.
• To the best of my knowledge, the proposed patch is not based on a code under GPL or another license that is incompatible with OpenCV
• The PR is proposed to the proper branch
• There is a reference to the original bug report and related work
• There is accuracy test, performance test and test data in opencv_extra repository, if applicable
  Patch to opencv_extra has the same branch name.
• The feature is well documented and sample code can be built with the project CMake

[sturkmen72]

@vrabaud
_bop should always 0 for images having 1 or 3 channels and should not reach the lines you changed

            if (_bop == 0) {
                // Overwrite mode: copy source row directly to destination
                memcpy(dp, sp, w * channels);

https://github.com/opencv/opencv/blob/4.x/modules/imgcodecs/src/grfmt_png.cpp#L647-L649

otherways also following lines problematic with sp[3] dp[3] etc.

[vrabaud]

The fuzzer created files that reach that point with 3 channels. Checks should happen before for validity then. Where should that be?

[sturkmen72]

The fuzzer created files that reach that point with 3 channels. Checks should happen before for validity then. Where should that be?

what about

void PngDecoder::compose_frame(std::vector<png_bytep>& rows_dst, const std::vector<png_bytep>& rows_src, unsigned char _bop, uint32_t x, uint32_t y, uint32_t w, uint32_t h, Mat& img)
{
    int channels = img.channels();
    if (_bop && channels < 4)
        return;

[vrabaud]

Indeed, checking for bop first is the way to go. I added more checks and a small refactoring to better deal with bop==0.

[asmorkalov]

Windows warnings:

C:\GHA-OCV-2\_work\opencv\opencv\opencv\modules\imgcodecs\src\grfmt_png.cpp(619): warning C4267: 'initializing': conversion from 'size_t' to 'int', possible loss of data

C:\GHA-OCV-2\_work\opencv\opencv\opencv\modules\imgcodecs\src\grfmt_png.cpp(619): warning C4267: 'initializing': conversion from 'size_t' to 'const int', possible loss of data

Build has warnings.

[asmorkalov]

@sturkmen72 could you take a look?

[sturkmen72]

LGTM ( Sorry for my confusing notes before )