commit a09d9519a57e84d8e2ad592fbba09e8a9faf55f8
Author: Wolfgang Frisch <wolfgang.frisch@suse.com>
Date:   Tue Jul 30 14:17:32 2024 +0200

    Fix double-free/OOB read in pch.c (CVE-2019-20633)
    
    see also: https://savannah.gnu.org/bugs/index.php?56683#comment1

diff --git a/src/pch.c b/src/pch.c
index fd9c480..57c76de 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -1183,8 +1183,11 @@ another_hunk (enum diff difftype, bool rev)
     while (p_end >= 0) {
 	if (p_end == p_efake)
 	    p_end = p_bfake;		/* don't free twice */
-	else
+	else {
 	    free(p_line[p_end]);
+	    p_line[p_end] = NULL;
+	    p_len[p_end] = 0;
+	}
 	p_end--;
     }
     assert(p_end == -1);