SDL_mixer: stb_vorbis: revise CVE-2023-45676 / CVE-2023-45677 fix. (c1b3d)

From c1b3d5c8533ece138f4aa6797a29204932bf72cf Mon Sep 17 00:00:00 2001
From: Ozkan Sezer <[EMAIL REDACTED]>
Date: Mon, 11 Dec 2023 08:55:04 +0300
Subject: [PATCH] stb_vorbis: revise CVE-2023-45676 / CVE-2023-45677 fix.

c.f.: https://github.com/nothings/stb/issues/1248.
---
 src/codecs/stb_vorbis/stb_vorbis.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/codecs/stb_vorbis/stb_vorbis.h b/src/codecs/stb_vorbis/stb_vorbis.h
index 43f6dab4..6944dbc4 100644
--- a/src/codecs/stb_vorbis/stb_vorbis.h
+++ b/src/codecs/stb_vorbis/stb_vorbis.h
@@ -986,7 +986,7 @@ static void *make_block_array(void *mem, int count, int size)
 
 static void *setup_malloc(vorb *f, int sz)
 {
-   if (sz < 0 || INT_MAX - 7 < sz) return NULL;
+   if (sz <= 0 || INT_MAX - 7 < sz) return NULL;
    sz = (sz+7) & ~7; // round up to nearest 8 for alignment of future allocs.
    f->setup_memory_required += sz;
    if (f->alloc.alloc_buffer) {