Use the sps from the image

(as e.g mc_chroma is using the sps to determine
picture properties, like pic_width_in_luma_samples
and pic_height_in_luma_samples, I *think* this is
more correct.

This PR is for discussion. (See strukturag#345.)
It makes the failures go away, but that does not mean it's correct :)

The following poc will be stop failing if (only) this
patch is applied:

 - poc2  strukturag#336 - CVE-2022-43238
 - poc4  strukturag#338 - CVE-2022-43241
 - poc6-1, poc6-2 strukturag#340 - CVE-2022-43242
 - poc7-1, poc7-2  strukturag#341 - CVE-2022-43239
 - poc8-1 strukturag#342 - CVE-2022-43244
 - poc9-3 strukturag#343 - CVE-2022-43236
 - poc10-2, poc10-3 strukturag#344 - CVE-2022-43237
 - poc16 strukturag#350
 - poc19 strukturag#353

The following are still failing if only this patch is
applied, but they stop failing if strukturag#365 is applied as well, but will
still fail with ONLY strukturag#365 applied (IOW, both are needed)

 - poc1  strukturag#335 - CVE-2022-43240
 - poc3  strukturag#337 - CVE-2022-43235
 - poc5   strukturag#339 - CVE-2022-43423
 - poc9-1,poc9-2, poc9-4  strukturag#343 - CVE-2022-43236
 - poc14  strukturag#348 - CVE-2022-43253
 - poc15  strukturag#349 - CVE-2022-43248
 - poc17-1, poc17-2  strukturag#351
 - poc18 strukturag#352 - CVE-2022-43245

libde265/motion.cc

@@ -290,7 +290,7 @@ void generate_inter_prediction_samples(base_context* ctx,
   int    stride[3];
 
   const pic_parameter_set* pps = shdr->pps.get();
-  const seq_parameter_set* sps = pps->sps.get();
+  const seq_parameter_set* sps = img->get_shared_sps().get();
 
   const int SubWidthC  = sps->SubWidthC;
   const int SubHeightC = sps->SubHeightC;