Audit and fix integer overflows in multiplications with rowBytes in src/reformat.c

[wantehchang]

This is a part of the fix to #2271.

This patch file indicates a place that needs fixing, with the UBSan or -fsanitize=integer error message. All the multiplications with rowBytes in src/reformat.c need to be audited.

diff --git a/src/reformat.c b/src/reformat.c
index 658d5ac8..9ea8ebc8 100644
--- a/src/reformat.c
+++ b/src/reformat.c
@@ -286,8 +286,8 @@ avifResult avifImageRGBToYUV(avifImage * image, const avifRGBImage * rgb)
                 // Convert an entire 2x2 block to YUV, and populate any fully sampled channels as we go
                 for (int bJ = 0; bJ < blockH; ++bJ) {
                     for (int bI = 0; bI < blockW; ++bI) {
-                        int i = outerI + bI;
-                        int j = outerJ + bJ;
+                        size_t i = outerI + bI;
+                        size_t j = outerJ + bJ;
 
                         // Unpack RGB into normalized float
                         if (state.rgb.channelBytes > 1) {
@@ -301,6 +301,7 @@ avifResult avifImageRGBToYUV(avifImage * image, const avifRGBImage * rgb)
                                 *((uint16_t *)(&rgb->pixels[state.rgb.offsetBytesB + (i * state.rgb.pixelBytes) + (j * rgb->rowBytes)])) /
                                 rgbMaxChannelF;
                         } else {
+                            // unsigned integer overflow: 77056 + 4294890240 cannot be represented in type 'uint32_t' (aka 'unsigned int')
                             rgbPixel[0] = rgb->pixels[state.rgb.offsetBytesR + (i * state.rgb.pixelBytes) + (j * rgb->rowBytes)] /
                                           rgbMaxChannelF;
                             rgbPixel[1] = rgb->pixels[state.rgb.offsetBytesG + (i * state.rgb.pixelBytes) + (j * rgb->rowBytes)] /