diff --git a/apps/codecs/libtremor/info.c b/apps/codecs/libtremor/info.c
index f3ac5f87f6..62a31d510e 100644
--- a/apps/codecs/libtremor/info.c
+++ b/apps/codecs/libtremor/info.c
@@ -140,11 +140,15 @@ static int _vorbis_unpack_info(vorbis_info *vi,oggpack_buffer *opb){
 }
 
 static int _vorbis_unpack_comment(vorbis_comment *vc,oggpack_buffer *opb){
-  int vendorlen=oggpack_read(opb,32);
+  int vendorlen;
+  vendorlen=oggpack_read(opb,32);
   if(vendorlen<0)goto err_out;
+  if(vendorlen>opb->storage-oggpack_bytes(opb))goto err_out;
   vc->vendor=(char *)_ogg_calloc(vendorlen+1,1);
+  if(vc->vendor==NULL)goto err_out;
   _v_readstring(opb,vc->vendor,vendorlen);
-  vc->comments=0; 
+  vc->comments=0;
+  /* ROCKBOX: the meat of this function was deleted as we don't need it */
   return(0);
  err_out:
   vorbis_comment_clear(vc);