SDL_mixer: stb_vorbis: fix CVE-2023-45682

From 47cff74165c25e4f15c6f9403a931a12026dd927 Mon Sep 17 00:00:00 2001
From: Ozkan Sezer <[EMAIL REDACTED]>
Date: Mon, 11 Dec 2023 05:50:50 +0300
Subject: [PATCH] stb_vorbis: fix CVE-2023-45682
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Based on patch by Jaroslav Lobačevski (@JarLob) submitted to
mainstream at https://github.com/nothings/stb/pull/1560

GHSL-2023-172/CVE-2023-45682: Wild address read in vorbis_decode_packet_rest()
---
 src/codecs/stb_vorbis/stb_vorbis.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/codecs/stb_vorbis/stb_vorbis.h b/src/codecs/stb_vorbis/stb_vorbis.h
index 3ed81827..51f3795b 100644
--- a/src/codecs/stb_vorbis/stb_vorbis.h
+++ b/src/codecs/stb_vorbis/stb_vorbis.h
@@ -1840,7 +1840,7 @@ static int codebook_decode_scalar(vorb *f, Codebook *c)
 
 #define DECODE(var,f,c)                                       \
    DECODE_RAW(var,f,c)                                        \
-   if (c->sparse) var = c->sorted_values[var];
+   if (c->sparse && var >= 0) var = c->sorted_values[var];
 
 #ifndef STB_VORBIS_DIVIDES_IN_CODEBOOK
   #define DECODE_VQ(var,f,c)   DECODE_RAW(var,f,c)
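
Review bot: The added `var >= 0` test in DECODE prevents the negative index into `c->sorted_values`, but it leaves `var` negative when the macro finishes, so the fix is only complete if every DECODE call site treats a negative result as a decode failure. None of those call sites appear in this hunk, so please confirm each one checks for it, including the path in vorbis_decode_packet_rest() named in the commit message. A one-line comment above the macro stating that a negative value left by DECODE_RAW is passed through unchanged for sparse codebooks would document that contract. The guard also covers only the lower bound: nothing in these lines shows that `var` is below the number of entries in `sorted_values`, so it is worth stating where that upper bound is enforced. As a separate style point, DECODE still expands to two statements ending in a bare `if`, which can capture a following `else` at the use site; wrapping the body in `do { ... } while (0)` would remove that hazard.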