Pointer arithmetic overflow in spa_pod_*_is_inside()
spa_pod_*_is_inside()
allows out-of-bounds pointer arithmetic. This is undefined behavior and on 32-bit systems this could result in wraparound, allowing a bounds check to be bypassed. The patch might be similar to the patch for #3727.