Wrong length used for copying of array in ivas_mdct_core_invQ

In the function ivas_mdct_core_invQ, there is this code part:

    /* temporarily restore LR representation of previous frame for PLC mode decision (done on the individual channels) */
    if ( bfi && !MCT_flag && ( hCPE->hStereoMdct->mdct_stereo_mode[0] > SMDCT_DUAL_MONO || hCPE->hStereoMdct->mdct_stereo_mode[1] > SMDCT_DUAL_MONO ) )
    {
        L_frameTCX[0] = sts[0]->L_frameTCX_past;
        L_frameTCX[1] = sts[1]->L_frameTCX_past;
        mvr2r( sts[0]->hTonalMDCTConc->lastBlockData.spectralData, tmp_ms_sig[0], L_frameTCX[0] );
        mvr2r( sts[1]->hTonalMDCTConc->lastBlockData.spectralData, tmp_ms_sig[1], L_frameTCX[0] ); // <-- should be L_frameTCX[1] here?

In the second call to mvr2r, the spec length of channel 0 is used, even though channel 1 is copied. This is likely a typo. In BASOP, the correct index is used.

The buffer has a static length, so no risk of oob writing here. If L_frameTCX[0] is smaller than L_frameTCX[1], this could miss out on copying parts of the signal.