From d449289c5e6fec9ad6a68a9e850f22fe14fa7c97 Mon Sep 17 00:00:00 2001
From: David Howden <dhowden@gmail.com>
Date: Wed, 7 Feb 2018 18:35:49 +1100
Subject: [PATCH] vorbis: fix panic on invalid encoding

Fixes #33
---
 vorbis.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/vorbis.go b/vorbis.go
index 75a9349..54f6a20 100644
--- a/vorbis.go
+++ b/vorbis.go
@@ -29,6 +29,10 @@ func (m *metadataVorbis) readVorbisComment(r io.Reader) error {
 		return err
 	}
 
+	if vendorLen < 0 {
+		return fmt.Errorf("invalid encoding: expected positive length, got %d", vendorLen)
+	}
+
 	vendor, err := readString(r, vendorLen)
 	if err != nil {
 		return err