patch/CVE-2019-20633.patch

26 lines
673 B
Diff
Raw Normal View History

commit a09d9519a57e84d8e2ad592fbba09e8a9faf55f8
Author: Wolfgang Frisch <wolfgang.frisch@suse.com>
Date: Tue Jul 30 14:17:32 2024 +0200
Fix double-free/OOB read in pch.c (CVE-2019-20633)
see also: https://savannah.gnu.org/bugs/index.php?56683#comment1
diff --git a/src/pch.c b/src/pch.c
index fd9c480..57c76de 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -1183,8 +1183,11 @@ another_hunk (enum diff difftype, bool rev)
while (p_end >= 0) {
if (p_end == p_efake)
p_end = p_bfake; /* don't free twice */
- else
+ else {
free(p_line[p_end]);
+ p_line[p_end] = NULL;
+ p_len[p_end] = 0;
+ }
p_end--;
}
assert(p_end == -1);