Around line 170 of sndfile.cpp, CSoundFile::Create() does:
lpStream = NULL;
MMCMP_SUPPORT is defined within the same file, so this part of the code frees the mem pointer passed to it by way of ModPlug_Load() which seems unsafe. You do not know what memory address is passed as lpStream: it need not be a malloc'ed memory at all, and the client need not be aware of the library's free'ing it either. Am I missing something?