Sébastien Duquette

## heap overflow in VorbisDecoderInternal::readInternal crash input: [crash-7f190cd04b5fbf6f813db4447b5010e63867fe6a.ogg](https://drive.google.com/open?id=10xpTDUrHzJLFknsY4bF8333YpvnMHZJc) For reference, the fuzzer can be found on my `fuzzing` branch. The provided sample also crashes the sample `libnyquist-examples` that is provided...

Is this change still wanted? It sounds like something that wouldn't be too difficult to do.

I did some tests by adding `debug_assert!(ret.is_valid())` at the end of methods that are returning a Cursor and running the test suite. The Cursor methods `canonical()` and `declaration()` currently can...

This bug seems to still be there. ```rust let re = Regex::new(r"(.)(.)").unwrap(); let s1 = re.replace("ab","$1-$2"); let s2 = re.replace("ab","$1_$2"); assert_eq!("a-b", &s1); assert_eq!("a_b", &s2); // Fails here "a_b" != "b"...