Crash in matroska_segment_c::Select when playing corrupted MKV

Valgrind log and testcase attached.

Backtrace:

#0 0x00007ffff6b990c6 in ?? () from /lib/libc.so.6 #1 (closed) 0x00007fffe8c1a558 in matroska_segment_c::Select (this=0x7fffec017910, i_start_time=0) at /usr/include/bits/string3.h:52 #2 (closed) 0x00007fffe8c23a98 in demux_sys_t::PreparePlayback (this=0x7fffec017310, p_new_segment=) at ../../../../modules/demux/mkv/demux.cpp:715 #3 (closed) 0x00007fffe8c1590c in Open (p_this=0x12ed318) at ../../../../modules/demux/mkv/mkv.cpp:238 #4 0x00007ffff796778d in vlc_module_load (p_this=0x12ed318, psz_capability=0x7ffff7997e41 "demux", psz_name=, b_strict=true, probe=0x7ffff7967280 <generic_start>) at ../../src/modules/modules.c:342 #5 (closed) 0x00007ffff792e1e9 in demux_New (p_obj=, p_parent_input=, psz_access=0x12ed4e5 "mkv", psz_demux=0x7ffff79a22ca "", psz_location=, s=, out=0x6d08a0, b_quick=true) at ../../src/input/demux.c:189 #6 (closed) 0x00007ffff7939f60 in InputSourceInit (p_input=, in=, psz_mrl=, psz_forced_demux=, b_in_can_fail=false) at ../../src/input/input.c:2551 #7 (closed) 0x00007ffff793ad76 in Init (p_input=0x6d8268) at ../../src/input/input.c:1240 #8 (closed) 0x00007ffff793c2c0 in input_Preparse (p_parent=, p_item=) at ../../src/input/input.c:202 #9 (closed) 0x00007ffff7920b75 in Preparse (p_item=0x6c8950, p_playlist=0x6e64c8) at ../../src/playlist/preparser.c:137 #10 (closed) Thread (data=0x6da290) at ../../src/playlist/preparser.c:215 #11 (closed) 0x00007ffff7009df0 in start_thread () from /lib/libpthread.so.0 #12 (closed) 0x00007ffff6b4b39d in clone () from /lib/libc.so.6 #13 (closed) 0x0000000000000000 in ?? ()