
Heap-buffer-overflow in opj_t1_decode_cblk when disabling strict mode #1533

Closed
soiax opened this issue Jun 20, 2024 · 0 comments · Fixed by #1534


soiax commented Jun 20, 2024

POC: cl1_cblks_mqc.zip
./opj_decompress -allow-partial -i cl1_cblks_mqc.j2k -o ttt.png
[INFO] Start to read j2k main header (0).
[WARNING] Unknown marker
[INFO] Main header has been correctly decoded.
[INFO] No decoded area parameters, set the decoded area to the whole image
[WARNING] Tile part length size inconsistent with stream length
[INFO] Stream reached its end !
[INFO] Header of tile 8 / 12 has been read.
[WARNING] Expected SOP marker
[WARNING] Expected EPH marker
[WARNING] Expected SOP marker
[WARNING] Expected EPH marker
=================================================================
==17740==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60c00000017d at pc 0x55f78d042720 bp 0x7ffde663c080 sp 0x7ffde663b828
READ of size 60478 at 0x60c00000017d thread T0
    #0 0x55f78d04271f in __interceptor_memcpy.part.0 (/mnt/f/fuzz/openjpeg/openjpeg/asanbuildnofix/bin/opj_decompress+0x9571f)
    #1 0x55f78d31536b in opj_t1_decode_cblk /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/t1.c:2038
    #2 0x55f78d31536b in opj_t1_clbl_decode_processor /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/t1.c:1703
    #3 0x55f78d159cdf in opj_thread_pool_submit_job /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/thread.c:835
    #4 0x55f78d333812 in opj_t1_decode_cblks /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/t1.c:1942
    #5 0x55f78d1f313c in opj_tcd_t1_decode /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/tcd.c:2068
    #6 0x55f78d1f313c in opj_tcd_decode_tile /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/tcd.c:1722
    #7 0x55f78d1a33a1 in opj_j2k_decode_tile /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:9900
    #8 0x55f78d1a3edf in opj_j2k_decode_tiles /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:11755
    #9 0x55f78d178fec in opj_j2k_exec /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:9039
    #10 0x55f78d1ab460 in opj_j2k_decode /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:12058
    #11 0x55f78cfc2e1e in main /mnt/f/fuzz/openjpeg/openjpeg/src/bin/jp2/opj_decompress.c:1585
    #12 0x7ff17c465082 in __libc_start_main ../csu/libc-start.c:308
    #13 0x55f78cfc9ddd in _start (/mnt/f/fuzz/openjpeg/openjpeg/asanbuildnofix/bin/opj_decompress+0x1cddd)

0x60c00000017d is located 0 bytes to the right of 125-byte region [0x60c000000100,0x60c00000017d)
allocated by thread T0 here:
    #0 0x55f78d0b4a68 in malloc (/mnt/f/fuzz/openjpeg/openjpeg/asanbuildnofix/bin/opj_decompress+0x107a68)
    #1 0x55f78d1a19cf in opj_j2k_read_sod /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:4991
    #2 0x55f78d1a19cf in opj_j2k_read_tile_header /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:9730
    #3 0x55f78d1a41b3 in opj_j2k_decode_tiles /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:11738
    #4 0x55f78d178fec in opj_j2k_exec /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:9039
    #5 0x55f78d1ab460 in opj_j2k_decode /mnt/f/fuzz/openjpeg/openjpeg/src/lib/openjp2/j2k.c:12058
    #6 0x55f78cfc2e1e in main /mnt/f/fuzz/openjpeg/openjpeg/src/bin/jp2/opj_decompress.c:1585
    #7 0x7ff17c465082 in __libc_start_main ../csu/libc-start.c:308
Root cause seems to be that at https://github.com/uclouvain/openjpeg/blob/master/src/lib/openjp2/j2k.c#L5052
opj_stream_read_data returns with error '-1', but that is never checked, and it is used at https://github.com/uclouvain/openjpeg/blob/master/src/lib/openjp2/j2k.c#L5067 as uint, so 0xffffffff,
which causes some trouble later in the code.
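The unchecked error-sentinel pattern the report describes, as an added C example that is not the reporter's or OpenJPEG's code: a hypothetical stream_read() signals failure with (size_t)-1, tile_len_unchecked() folds that value into a 32-bit length the way the report says happens, and tile_len_checked() shows the test a caller needs before a returned count is used as a length. All names and the sample bytes are constructed.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model of the pattern in the report: a read primitive that signals
 * failure with (size_t)-1, and a caller that folds the returned count into a
 * 32-bit tile length. All names are hypothetical, not OpenJPEG's. */
#define READ_ERROR ((size_t)-1)
typedef struct { const uint8_t *data; size_t len; size_t pos; } stream_t;

/* Returns bytes copied, or READ_ERROR when the stream is already exhausted. */
static size_t stream_read(stream_t *s, uint8_t *out, size_t want) {
    if (s->pos >= s->len) return READ_ERROR;
    size_t n = s->len - s->pos < want ? s->len - s->pos : want;
    memcpy(out, s->data + s->pos, n);
    s->pos += n;
    return n;
}

/* Vulnerable pattern: no error check, so the sentinel truncates to 0xffffffff
 * and is later trusted as the amount of code-block data actually present. */
uint32_t tile_len_unchecked(stream_t *s, uint8_t *buf, size_t want) {
    uint32_t tile_len = 0;
    tile_len += (uint32_t)stream_read(s, buf, want);
    return tile_len;
}

/* Hardened pattern: reject the sentinel (and a 32-bit wrap) before the count
 * becomes a length. Returns 1 on success, 0 when the caller must abort. */
int tile_len_checked(stream_t *s, uint8_t *buf, size_t want, uint32_t *tile_len) {
    size_t n = stream_read(s, buf, want);
    if (n == READ_ERROR || n > UINT32_MAX - *tile_len) return 0;
    *tile_len += (uint32_t)n;
    return 1;
}

/* Constructed 4-byte sample stream used by the two demos below. */
static const uint8_t SAMPLE[4] = {0xff, 0x93, 0x00, 0x01};

/* Unchecked path; exhausted != 0 starts the stream at end-of-data. */
uint32_t demo_unchecked(int exhausted) {
    uint8_t buf[8];
    stream_t s = { SAMPLE, sizeof SAMPLE, exhausted ? sizeof SAMPLE : 0 };
    return tile_len_unchecked(&s, buf, sizeof buf);
}

/* Checked path on the same stream: -1 if rejected, otherwise the length. */
int64_t demo_checked(int exhausted) {
    uint8_t buf[8];
    uint32_t len = 0;
    stream_t s = { SAMPLE, sizeof SAMPLE, exhausted ? sizeof SAMPLE : 0 };
    return tile_len_checked(&s, buf, sizeof buf, &len) ? (int64_t)len : -1;
}
```

On an exhausted stream the unchecked path reports 0xffffffff bytes while the checked path refuses; on a stream with data left both agree on the real count.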
