authorOneric <oneric@oneric.stub>2022-04-16 00:10:11 +0200
committerOneric <oneric@oneric.stub>2022-04-26 21:35:37 +0200
commit85c8c6d7be14cc2602b92ec715834b9c1069a325 (patch)
tree9711043ed47a26d73fe26c93198e73a9310eebcc
parent5125a9af5ed36a12d444fdb9db60a86070a1e046 (diff)
downloadlibass-85c8c6d7be14cc2602b92ec715834b9c1069a325.tar.bz2
libass-85c8c6d7be14cc2602b92ec715834b9c1069a325.tar.xz
parse: avoid UB on double to integer casts
Casting floating point values to an integer type is undefined behaviour if the value is not a regular number or its integral part cannot be represented in the integer type. This fixes issues found by UBSAN in libass' public OSS-Fuzz corpus where NAN ("be") or a too large value ("k") was cast to int. Sample IDs (one instance each; there are duplicates): OSSFuzz-3617a28ea3900c2603059049ce4c70c01a535a3e OSSFuzz-292a3032ea273cc9dbaaa0a4291dd84e0cc07c65
-rw-r--r--libass/ass_parse.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/libass/ass_parse.c b/libass/ass_parse.c
index b566313..9dc59f3 100644
--- a/libass/ass_parse.c
+++ b/libass/ass_parse.c
@@ -768,10 +768,10 @@ char *parse_tags(ASS_Renderer *render_priv, char *p, char *end, double pwr,
} else if (tag("be")) {
double dval;
if (nargs) {
- int val;
+ int32_t val;
dval = argtod(*args);
// VSFilter always adds +0.5, even if the value is negative
- val = (int) (render_priv->state.be * (1 - pwr) + dval * pwr + 0.5);
+ val = dtoi32(render_priv->state.be * (1 - pwr) + dval * pwr + 0.5);
// Clamp to a safe upper limit, since high values need excessive CPU
val = (val < 0) ? 0 : val;
val = (val > MAX_BE) ? MAX_BE : val;
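Review bot: The reason the `(int)` cast on the `be` line was replaced with `dtoi32()` survives only in the commit message; a one-line comment at the call, `// plain (int) cast is UB for NaN or out-of-int-range doubles`, would keep the rationale next to the code. The new `int32_t` declaration needs `<stdint.h>` in scope — presumably it already is, since the diffstat shows no include added, but worth confirming. The definition of `dtoi32` is not part of this diff, so what it returns for NaN (the input the commit says it fixes) cannot be checked from here; the clamp to `[0, MAX_BE]` that follows covers any finite result, so the NaN return value is the only unconfirmed case. parse_tags continues outside the hunk.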
@@ -816,7 +816,7 @@ char *parse_tags(ASS_Renderer *render_priv, char *p, char *end, double pwr,
if (render_priv->state.effect_timing)
render_priv->state.effect_skip_timing +=
render_priv->state.effect_timing;
- render_priv->state.effect_timing = val * 10;
+ render_priv->state.effect_timing = dtoi32(val * 10);
} else if (tag("shad")) {
double val, xval, yval;
if (nargs) {
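Review bot: The accumulation two lines above the changed line, `effect_skip_timing += effect_timing`, is still plain integer addition, so bounding each `effect_timing` value through `dtoi32()` does not by itself rule out signed overflow when several such values are summed; the types of both fields are not visible here, so this is worth confirming against the struct definition. If they are 32-bit, either a saturating add or widening `effect_skip_timing` to `int64_t` at that line would close the gap this change leaves. The enclosing branch begins before the hunk and `val`'s declaration is not visible, so its type is inferred only from the fact that the product is now passed through `dtoi32()`.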