From 4bb97bcef6e8b4619c7f733be64dc14cf41d0e55 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaroslav=20Loba=C4=8Devski?= <jarlob@github.com>
Date: Thu, 19 Oct 2023 17:13:56 +0200
Subject: [PATCH] Fix Wild address read in `vorbis_decode_packet_rest`
 (`GHSL-2023-172/CVE-2023-45682`)

---
 stb_vorbis.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/stb_vorbis.c
+++ b/stb_vorbis.c
@@ -1738,7 +1738,7 @@ static int codebook_decode_scalar(vorb *
 
 #define DECODE(var,f,c)                                       \
    DECODE_RAW(var,f,c)                                        \
-   if (c->sparse) var = c->sorted_values[var];
+   if (c->sparse && var >= 0) var = c->sorted_values[var];
 
 #ifndef STB_VORBIS_DIVIDES_IN_CODEBOOK
   #define DECODE_VQ(var,f,c)   DECODE_RAW(var,f,c)