avcodec/pngenc: Replace memcpy by av_image_copy()

Fixes out of array access
Fixes: 0cf176e6d3ab9fe924f39738e513f547/asan_generic_4a54aa_3431_aaa28be1cb32e307a9890cad06f84fba.avi

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

libavcodec/pngenc.c

@@ -766,8 +766,7 @@ static int apng_encode_frame(AVCodecContext *avctx, const AVFrame *pict,
 
             // Do disposal
             if (last_fctl_chunk.dispose_op != APNG_DISPOSE_OP_PREVIOUS) {
-                memcpy(diffFrame->data[0], s->last_frame->data[0],
-                       s->last_frame->linesize[0] * s->last_frame->height);
+                av_frame_copy(diffFrame, s->last_frame);
 
                 if (last_fctl_chunk.dispose_op == APNG_DISPOSE_OP_BACKGROUND) {
                     for (y = last_fctl_chunk.y_offset; y < last_fctl_chunk.y_offset + last_fctl_chunk.height; ++y) {
@@ -779,8 +778,7 @@ static int apng_encode_frame(AVCodecContext *avctx, const AVFrame *pict,
                 if (!s->prev_frame)
                     continue;
 
-                memcpy(diffFrame->data[0], s->prev_frame->data[0],
-                       s->prev_frame->linesize[0] * s->prev_frame->height);
+                av_frame_copy(diffFrame, s->prev_frame);
             }
 
             // Do inverse blending
@@ -945,8 +943,7 @@ static int encode_apng(AVCodecContext *avctx, AVPacket *pkt,
             }
 
             // Do disposal, but not blending
-            memcpy(s->prev_frame->data[0], s->last_frame->data[0],
-                   s->last_frame->linesize[0] * s->last_frame->height);
+            av_frame_copy(s->prev_frame, s->last_frame);
             if (s->last_frame_fctl.dispose_op == APNG_DISPOSE_OP_BACKGROUND) {
                 uint32_t y;
                 uint8_t bpp = (s->bits_per_pixel + 7) >> 3;