diff --git a/media/libtheora/lib/dec/decinfo.c b/media/libtheora/lib/dec/decinfo.c
index e51d63e..d08d6b6 100644
--- a/media/libtheora/lib/dec/decinfo.c
+++ b/media/libtheora/lib/dec/decinfo.c
@@ -11,7 +11,7 @@
  ********************************************************************
 
   function:
-    last mod: $Id: decinfo.c 15400 2008-10-15 12:10:58Z tterribe $
+    last mod: $Id$
 
  ********************************************************************/
 
@@ -111,14 +111,15 @@ static int oc_comment_unpack(oggpack_buffer *_opb,th_comment *_tc){
   int  i;
   /*Read the vendor string.*/
   len=oc_unpack_length(_opb);
-  if(len<0||theorapackB_bytes(_opb)+len>_opb->storage)return TH_EBADHEADER;
+  if(len<0||len>_opb->storage-theorapackB_bytes(_opb))return TH_EBADHEADER;
   _tc->vendor=_ogg_malloc((size_t)len+1);
   oc_unpack_octets(_opb,_tc->vendor,len);
   _tc->vendor[len]='\0';
   /*Read the user comments.*/
   _tc->comments=(int)oc_unpack_length(_opb);
-  if(_tc->comments<0||_tc->comments>(LONG_MAX>>2)||
-   theorapackB_bytes(_opb)+((long)_tc->comments<<2)>_opb->storage){
+  len=_tc->comments;
+  if(len<0||len>(LONG_MAX>>2)||len<<2>_opb->storage-theorapackB_bytes(_opb)){
+    _tc->comments=0;
     return TH_EBADHEADER;
   }
   _tc->comment_lengths=(int *)_ogg_malloc(
@@ -127,7 +128,7 @@ static int oc_comment_unpack(oggpack_buffer *_opb,th_comment *_tc){
    _tc->comments*sizeof(_tc->user_comments[0]));
   for(i=0;i<_tc->comments;i++){
     len=oc_unpack_length(_opb);
-    if(len<0||theorapackB_bytes(_opb)+len>_opb->storage){
+    if(len<0||len>_opb->storage-theorapackB_bytes(_opb)){
       _tc->comments=i;
       return TH_EBADHEADER;
     }
@@ -224,12 +225,10 @@ static int oc_dec_headerin(oggpack_buffer *_opb,th_info *_info,
 int th_decode_headerin(th_info *_info,th_comment *_tc,
  th_setup_info **_setup,ogg_packet *_op){
   oggpack_buffer opb;
-  int            ret;
   if(_op==NULL)return TH_EBADHEADER;
   if(_info==NULL)return TH_EFAULT;
   theorapackB_readinit(&opb,_op->packet,_op->bytes);
-  ret=oc_dec_headerin(&opb,_info,_tc,_setup,_op);
-  return ret;
+  return oc_dec_headerin(&opb,_info,_tc,_setup,_op);
 }
 
 void th_setup_free(th_setup_info *_setup){