CVE-2023-43361: Buffer overflow vulnerability in oggenc
https://gitlab.xiph.org/xiph/vorbis-tools/-/merge_requests/7#note_55477

Index: oggenc/platform.c
--- oggenc/platform.c.orig
+++ oggenc/platform.c
@@ -136,18 +136,22 @@ int create_directories(char *fn, int isutf8)
 {
     char *end, *start;
     struct stat statbuf;
-    char *segment = malloc(strlen(fn)+1);
+    const size_t fn_len = strlen(fn);
+    char *segment = malloc(fn_len+1);
 #ifdef _WIN32
     wchar_t seg[MAX_PATH+1];
 #endif
 
     start = fn;
 #ifdef _WIN32
-    if(strlen(fn) >= 3 && isalpha(fn[0]) && fn[1]==':')
+    // Strip drive prefix
+    if(fn_len >= 3 && isalpha(fn[0]) && fn[1]==':') {
+ 
         start = start+2;
 #endif
 
-    while((end = strpbrk(start+1, PATH_SEPS)) != NULL)
+    // Loop through path segments, creating directories if necessary
+    while((end = strpbrk(start + strspn(start, PATH_SEPS), PATH_SEPS)) != NULL)
     {
         int rv;
         memcpy(segment, fn, end-fn);
