Hello,
An endless loop was detected in ok_wav_decode_caf_file by fuzzing.
In detail, my testcase's chunk_length is 0x64, and after casting input_user_data to FILE, it accesses wrong memory,
and the memory there has data that fits fseek(input_user_data, 0x64, SEEK_CUR), so the function ok_seek always returns true.
In the loop in ok_wav_decode_caf_file, while(true), the chunk_header check always goes to the else branch, so an endless loop is triggered in this case.
The gdb info is as follows:
```
p chunk_length
$13 = 0x64
p decoder->input_user_data
$19 = (void *) 0x55555555c2a0
x/32gx 0x55555555c2a0+0x64
0x55555555c304 0xf7e1a6a000000000 0x0000000300007fff
....
```
The testcase I'll upload soon.
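Added example, not ok_wav's own code, of the termination property the report is about: a CAF chunk walker over an in-memory buffer whose skip is bounds-checked against the known input size, so a chunk_length such as 0x64 that exceeds the remaining bytes is rejected instead of being seeked past, and a short read of the next chunk header ends the loop. The names caf_reader, caf_read, caf_skip and caf_count_chunks are assumptions, and the sample buffers are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* CAF layout: 8-byte file header ("caff", uint16 version, uint16 flags), then
 * chunks of 4-byte type + 8-byte big-endian signed length + payload. */
typedef struct { const uint8_t *buf; size_t len; size_t pos; } caf_reader;

/* Read n bytes; a short read means end of input and must stop the caller's loop. */
static int caf_read(caf_reader *r, void *out, size_t n) {
    if (n > r->len - r->pos) return 0;
    memcpy(out, r->buf + r->pos, n);
    r->pos += n;
    return 1;
}

/* Skip n bytes, refusing to move past the known end. fseek(SEEK_CUR) on a FILE
 * succeeds for any offset, so a seek result alone cannot detect this. */
static int caf_skip(caf_reader *r, uint64_t n) {
    if (n > r->len - r->pos) return 0;
    r->pos += (size_t)n;
    return 1;
}

/* Count chunks; -1 on a malformed or truncated chunk. Every iteration either
 * consumes bytes or leaves the loop, so it terminates on any input. */
int caf_count_chunks(const uint8_t *buf, size_t len) {
    caf_reader r = { buf, len, 0 };
    uint8_t hdr[8], ch[12];
    int count = 0;
    if (!caf_read(&r, hdr, 8) || memcmp(hdr, "caff", 4) != 0) return -1;
    while (caf_read(&r, ch, 12)) {            /* short header read: done */
        uint64_t u = 0;
        for (int i = 0; i < 8; i++) u = (u << 8) | ch[4 + i];
        int64_t chunk_length = (int64_t)u;
        if (chunk_length == -1) { count++; break; } /* data chunk runs to EOF */
        if (chunk_length < 0 || !caf_skip(&r, (uint64_t)chunk_length)) return -1;
        count++;
    }
    return count;
}

/* Constructed sample: header, "desc" chunk of 4 bytes, "free" chunk of 2 bytes. */
const uint8_t CAF_SAMPLE[] = { 'c','a','f','f',0,1,0,0,
    'd','e','s','c',0,0,0,0,0,0,0,4, 1,2,3,4,
    'f','r','e','e',0,0,0,0,0,0,0,2, 9,9 };
/* Constructed sample with the report's shape: claims 0x64 payload bytes, has 6. */
const uint8_t CAF_BAD_LENGTH[] = { 'c','a','f','f',0,1,0,0,
    'd','a','t','a',0,0,0,0,0,0,0,0x64, 1,2,3,4,5,6 };
```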