Highlights
Memory Corruption: 14 prior fixes. Scrutinize any change in this area.
lib/info.c: most-fixed (16 issues). Treat as high-risk during review.
22 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns
The bug types that recur here, drawn from past fixes, not open vulnerabilities.
Memory Corruption: The parsing and initialization of Vorbis headers frequently suffer from invalid free, double-free, and use-after-free vulnerabilities during error cleanup pathways. Uninitialized or uncleared backend states under abnormal channel parameters allow attackers to trigger invalid memory releases.
Out-of-bounds Write: Vector quantisation decoding logic can write past allocated destination bounds when codebook dimensions are not exact divisors of the partition size or when processing invalid codebook configurations, leading to direct heap corruption (CVE-2018-5146).
Memory Corruption: Incorrect dynamic dispatch indexing on map, floor, or residue arrays can trigger arbitrary function calls or memory corruption during stream cleanup if the stream declares unsupported map types.