liboggz2: Segmentation Fault (heap buffer overflow) in oggz_comments_decode()
This issue was originally reported as https://bugs.debian.org/964303 by Rafael Dutra rafael.dutra@cispa.saarland:
This bug causes a crash in the application when a specially crafted input file is parsed. It's a read violation of about 43k bytes caused by a heap buffer overflow at src/liboggz/oggz_comments.c:604:4 in oggz_comments_decode().
To reproduce: Install oggz-tools package. Run the command oggz-validate input_file.ogg
I'm sending attached an input file that triggers the bug.