avcodec/dpx: Check elements in 12bps planar path

Fixes: null pointer dereference
Fixes: 8946/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DPX_fuzzer-5078915222601728

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Carl Eugen Hoyos <ceffmpeg@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

libavcodec/dpx.c

@@ -395,12 +395,14 @@ static int decode_frame(AVCodecContext *avctx,
                     if (elements == 4)
                         *dst[3]++ = read16(&buf, endian) >> shift & 0xFFF;
                 } else {
-                    *dst[2]++ = read12in32(&buf, &rgbBuffer,
+                    if (elements >= 3)
-                                           &n_datum, endian);
+                        *dst[2]++ = read12in32(&buf, &rgbBuffer,
+                                               &n_datum, endian);
                     *dst[0]++ = read12in32(&buf, &rgbBuffer,
                                            &n_datum, endian);
-                    *dst[1]++ = read12in32(&buf, &rgbBuffer,
+                    if (elements >= 2)
-                                           &n_datum, endian);
+                        *dst[1]++ = read12in32(&buf, &rgbBuffer,
+                                               &n_datum, endian);
                     if (elements == 4)
                         *dst[3]++ = read12in32(&buf, &rgbBuffer,
                                                &n_datum, endian);