libheif
oss-fuzz reports stack overflow in libheif
As part of GraphicsMagick oss-fuzz fuzz testing, oss-fuzz has detected an unusual stack overflow in the latest libheif code.
The issue will eventually be visible to all at graphicsmagick:coder_AVIF_fuzzer: Stack-overflow in ImageItem_Grid::get_decoder.
The report by oss-fuzz is not very conclusive, but one of the stack traces appears to show that ImageItem_Grid::get_decoder() is making a recursive call and has called itself 240 times. It is possible that additional context due to AddressSanitizer might limit how much can be put on the stack.
This is the file which provokes the issue (with .jpg added to satisfy GitHub):
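The failure mode described in the report (a decoder lookup that recurses through item references until the stack is exhausted) is easiest to reason about on a small model of the item graph. The following C++ is an added example written for this page; it is not libheif's code and its `Item`/`ItemTable` types, the `leaf_type_of` function and the `kMaxNesting` cap are all hypothetical stand-ins for whatever libheif's `ImageItem_Grid::get_decoder` actually walks. It shows the two guards a resolver over untrusted item references needs: a visited set for the current path (catches a grid that lists itself, directly or via another grid) and a hard depth cap (catches legitimately acyclic but absurdly deep nesting that would still blow a sanitizer-shrunk stack).

```cpp
#include <cassert>
#include <cstdint>
#include <cstdio>
#include <map>
#include <set>
#include <string>
#include <vector>

// Hypothetical, simplified item model: NOT libheif's ImageItem types.
struct Item {
    uint32_t id;
    std::string type;            // e.g. "grid" (derived) or "hvc1" (coded tile)
    std::vector<uint32_t> refs;  // items this item is built from (grid tiles)
};
using ItemTable = std::map<uint32_t, Item>;

static void add_item(ItemTable& t, uint32_t id, const std::string& type,
                     std::vector<uint32_t> refs = {}) {
    t[id] = Item{id, type, std::move(refs)};
}

enum class Resolve { Ok, Cycle, TooDeep, Missing };

// Hard cap on nesting; real files nest derived items only a few levels deep.
static const int kMaxNesting = 16;

static Resolve resolve_leaf(const ItemTable& items, uint32_t id,
                            std::set<uint32_t>& on_path, int depth,
                            std::string& leaf_type) {
    if (depth > kMaxNesting) return Resolve::TooDeep;
    auto it = items.find(id);
    if (it == items.end()) return Resolve::Missing;
    // An item already on the current resolution path means the reference
    // graph has a cycle (e.g. a grid that names itself as one of its tiles).
    if (!on_path.insert(id).second) return Resolve::Cycle;
    const Item& item = it->second;
    Resolve r = Resolve::Ok;
    if (item.type == "grid") {
        // Follow the first tile; a real resolver would check every tile.
        r = item.refs.empty()
                ? Resolve::Missing
                : resolve_leaf(items, item.refs[0], on_path, depth + 1, leaf_type);
    } else {
        leaf_type = item.type;   // reached a coded (non-derived) item
    }
    on_path.erase(id);           // backtrack so siblings may share tiles
    return r;
}

// Public entry point: which coded item type does `id` ultimately decode to?
Resolve leaf_type_of(const ItemTable& items, uint32_t id, std::string& leaf_type) {
    std::set<uint32_t> on_path;
    return resolve_leaf(items, id, on_path, 0, leaf_type);
}

// Constructed sample tables (not derived from the attached fuzzer file).
ItemTable sane_grid() {
    ItemTable t;
    add_item(t, 1, "grid", {2, 3});
    add_item(t, 2, "hvc1");
    add_item(t, 3, "hvc1");
    return t;
}
ItemTable self_referencing_grid() {
    ItemTable t;
    add_item(t, 1, "grid", {1});          // grid whose only tile is itself
    return t;
}
ItemTable mutual_grids() {
    ItemTable t;
    add_item(t, 1, "grid", {2});
    add_item(t, 2, "grid", {1});          // indirect cycle 1 -> 2 -> 1
    return t;
}
ItemTable deep_chain(int n) {
    ItemTable t;                          // n nested grids ending in one tile
    for (int i = 1; i <= n; ++i) add_item(t, i, "grid", {static_cast<uint32_t>(i + 1)});
    add_item(t, n + 1, "hvc1");
    return t;
}

static const char* name(Resolve r) {
    switch (r) {
        case Resolve::Ok: return "Ok";
        case Resolve::Cycle: return "Cycle";
        case Resolve::TooDeep: return "TooDeep";
        default: return "Missing";
    }
}

int main() {
    std::string leaf;
    std::printf("sane:    %s (%s)\n", name(leaf_type_of(sane_grid(), 1, leaf)), leaf.c_str());
    std::printf("self:    %s\n", name(leaf_type_of(self_referencing_grid(), 1, leaf)));
    std::printf("mutual:  %s\n", name(leaf_type_of(mutual_grids(), 1, leaf)));
    std::printf("deep40:  %s\n", name(leaf_type_of(deep_chain(40), 1, leaf)));
    return 0;
}
```

Both guards are needed: the path set alone does not stop a long acyclic chain from consuming stack, and a depth cap alone lets a cycle burn through all of its budget before failing. Whether the underlying libheif bug is a cycle or unbounded depth is not settled by the report above; either way the resolver should refuse the file rather than recurse.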