In section 8.6.1 of the Vorbis I specification it is mentioned how to read the `residue_begin` and `residue_end` for a residue configuration in the setup header. However, as far as I am aware, the specification does not mention that any of these values should be validated in any way.
When decoding an audio packet that uses this residue configuration, as described in section 8.6.2, `n_to_read` would be a subtraction with overflow when using unsigned integers if `residue_begin` > `residue_end`, or yield a negative value if using signed 32-bit arithmetic.
I think that, to ensure that implementations are as interoperable as possible, the specification should mention how to deal with this edge case. The reference implementation in this repository uses signed 32-bit integers in most places, so `n_to_read` would be negative and probably interpreted as "nothing to read", but I haven't looked into it.
I've stumbled upon this edge case while fuzzing a Vorbis stream manipulation program.
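The edge case reported above, as an added C example that is not part of the original issue and is not code from the reference implementation. The clamp to the vector size and the division by the partition size follow the decode steps of section 8.6.2; the type, the function names and the reject-at-setup policy are assumptions of this example, since the specification states no policy.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Residue fields read from the setup header (section 8.6.1). */
typedef struct {
    uint32_t begin;          /* residue_begin, 24-bit unsigned field */
    uint32_t end;            /* residue_end, 24-bit unsigned field */
    uint32_t partition_size; /* residue_partition_size, at least 1 */
} residue_cfg;

static uint32_t min_u32(uint32_t a, uint32_t b) { return a < b ? a : b; }

/* Section 8.6.2 arithmetic in unsigned 32-bit: wraps when begin > end. */
uint32_t partitions_unsigned(const residue_cfg *r, uint32_t actual_size) {
    uint32_t n_to_read = min_u32(r->end, actual_size) - min_u32(r->begin, actual_size);
    return n_to_read / r->partition_size;
}

/* Same arithmetic in signed 32-bit: the count goes negative instead. */
int32_t partitions_signed(const residue_cfg *r, uint32_t actual_size) {
    int32_t n_to_read = (int32_t)min_u32(r->end, actual_size)
                      - (int32_t)min_u32(r->begin, actual_size);
    return n_to_read / (int32_t)r->partition_size;
}

/* Assumed policy 1: reject the inverted range while parsing the setup header. */
bool residue_cfg_valid(const residue_cfg *r) {
    return r->begin <= 0xFFFFFFu && r->end <= 0xFFFFFFu
        && r->partition_size >= 1 && r->begin <= r->end;
}

/* Assumed policy 2: at decode time, treat an empty or inverted range as zero work. */
uint32_t partitions_checked(const residue_cfg *r, uint32_t actual_size) {
    uint32_t lo = min_u32(r->begin, actual_size);
    uint32_t hi = min_u32(r->end, actual_size);
    if (r->partition_size == 0 || hi <= lo) return 0;
    return (hi - lo) / r->partition_size;
}

int main(void) {
    residue_cfg bad = {5000, 100, 32}; /* constructed sample: begin > end */
    printf("valid=%d unsigned=%u signed=%d checked=%u\n",
           residue_cfg_valid(&bad), (unsigned)partitions_unsigned(&bad, 1024),
           (int)partitions_signed(&bad, 1024), (unsigned)partitions_checked(&bad, 1024));
    return 0;
}
```

Because both fields are clamped to the vector size before the subtraction, an inverted pair where both values exceed that size yields zero in every variant, so the inversion is only reliably caught at setup-header time.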