Alice R.

60 comments by Alice R.

I pushed an update that implements (roughly) what you described. Since the buffers are never allocated for more than one codebook at a time I put them all in f->.

Ran a brief libFuzzer+ASan run on this patch and it looks like there are still issues to work out—will update. edit: specifically the issue is that storing the temporary codewords...

I don't have any other tests that would be relevant to finding leaks/double frees, nor do I have a particularly good variety of invalid files to test against. No other...

My tester found some new slow load cases that might be due to another missed EOF check here, will follow up again: [OGG_slow_loads2.zip](https://github.com/nothings/stb/files/6833546/OGG_slow_loads2.zip) No further crashes related to this patch,...

It looks like the path the slow loads follow is valid: when `ordered` is true, the codebook can contain an absurd number of entries without needing to read most of...

I've updated this patch to remove `(void **)&pointer` usage, which flags warnings in old GCC versions (cited version was 4.2) as well as newer versions with `-fstrict-aliasing -Wstrict-aliasing=2` (tested with...

Two more inputs with the same ASan stack dump have shown up since. Updated test inputs zip: [OGG_lookup_values_oom.zip](https://github.com/nothings/stb/files/8104030/OGG_lookup_values_oom.zip)

libFuzzer and UBSan found another one of these: the sample clamping used in several functions can result in signed integer overflows with extreme values. No test inputs yet and I'm...

> Without testing, I would guess for the latest issue that moving the cast inside the parentheses (so it applies to 'v' only) would fix it

This does appear to...

Here are OGGs I pulled out of the fuzz files I have for the clamping warnings. UBSan also emits the `FAST_SCALED_FLOAT_TO_INT` warnings for these: [OGG_clamp_overflow.tar.gz](https://github.com/nothings/stb/files/7652702/OGG_clamp_overflow.tar.gz)