gnu: ghostscript: Switch to Artifex Ghostcript and update to 9.21.
* gnu/packages/ghostscript.scm (ghostscript): Update to 9.21. [source]: Fetch the source from Artifex. [native-inputs]: Remove pkg-config. [inputs]: Add jbig2dec and use libjpeg instead of libjpeg-8. [arguments]: Add #:configure-flags. [replacement]: Remove field. (ghostcript/fixed): Remove variable. * gnu/packages/patches/ghostscript-CVE-2017-8291.patch, gnu/packages/patches/ghostscript-runpath.patch: Adjust to new upstream source. * gnu/packages/patches/ghostscript-CVE-2013-5653.patch, gnu/packages/patches/ghostscript-CVE-2015-3228.patch, gnu/packages/patches/ghostscript-CVE-2016-7976.patch, gnu/packages/patches/ghostscript-CVE-2016-7978.patch, gnu/packages/patches/ghostscript-CVE-2016-7979.patch, gnu/packages/patches/ghostscript-CVE-2016-8602.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
This commit is contained in:
parent
baf549df14
commit
d6158fe70d
|
@ -614,12 +614,6 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/gettext-multi-core.patch \
|
||||
%D%/packages/patches/gettext-gnulib-multi-core.patch \
|
||||
%D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch \
|
||||
%D%/packages/patches/ghostscript-CVE-2013-5653.patch \
|
||||
%D%/packages/patches/ghostscript-CVE-2015-3228.patch \
|
||||
%D%/packages/patches/ghostscript-CVE-2016-7976.patch \
|
||||
%D%/packages/patches/ghostscript-CVE-2016-7978.patch \
|
||||
%D%/packages/patches/ghostscript-CVE-2016-7979.patch \
|
||||
%D%/packages/patches/ghostscript-CVE-2016-8602.patch \
|
||||
%D%/packages/patches/ghostscript-CVE-2017-8291.patch \
|
||||
%D%/packages/patches/ghostscript-runpath.patch \
|
||||
%D%/packages/patches/glib-networking-ssl-cert-file.patch \
|
||||
|
|
|
@ -130,53 +130,47 @@ printing, and psresize, for adjusting page sizes.")
|
|||
(define-public ghostscript
|
||||
(package
|
||||
(name "ghostscript")
|
||||
(version "9.14.0")
|
||||
;; XXX Try removing the bundled copy of jbig2dec.
|
||||
(source (origin
|
||||
(version "9.21")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://gnu/ghostscript/gnu-ghostscript-"
|
||||
version ".tar.xz"))
|
||||
(uri (string-append "https://github.com/ArtifexSoftware/"
|
||||
"ghostpdl-downloads/releases/download/gs"
|
||||
(string-delete #\. version)
|
||||
"/ghostscript-" version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0q4jj41p0qbr4mgcc9q78f5zs8cm1g57wgryhsm2yq4lfslm3ib1"))
|
||||
(patches (search-patches "ghostscript-CVE-2013-5653.patch"
|
||||
"ghostscript-CVE-2015-3228.patch"
|
||||
"ghostscript-CVE-2016-7976.patch"
|
||||
"ghostscript-CVE-2016-7978.patch"
|
||||
"ghostscript-CVE-2016-7979.patch"
|
||||
"ghostscript-CVE-2016-8602.patch"
|
||||
"ghostscript-CVE-2017-8291.patch"
|
||||
"ghostscript-runpath.patch"))
|
||||
"0lyhjcrkmd5fcmh8h56bs4xr9k4jasmikv5vsix1hd4ai0ad1q9b"))
|
||||
(patches (search-patches "ghostscript-runpath.patch"
|
||||
"ghostscript-CVE-2017-8291.patch"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
;; Honor --docdir.
|
||||
'(substitute* "Makefile.in"
|
||||
(("^docdir=.*$") "docdir = @docdir@\n")
|
||||
(("^exdir=.*$") "exdir = $(docdir)/examples\n")))))
|
||||
;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so
|
||||
;; we leave it, at least for now.
|
||||
;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
|
||||
'(begin
|
||||
(for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
|
||||
"lcms2" "libpng"
|
||||
"tiff" "zlib"))))))
|
||||
(build-system gnu-build-system)
|
||||
(outputs '("out" "doc")) ;16 MiB of HTML/PS doc + examples
|
||||
(inputs `(("freetype" ,freetype)
|
||||
("lcms" ,lcms)
|
||||
("libjpeg-8" ,libjpeg-8)
|
||||
("libpng" ,libpng)
|
||||
("libpaper" ,libpaper)
|
||||
("libtiff" ,libtiff)
|
||||
("zlib" ,zlib)))
|
||||
(native-inputs
|
||||
`(("perl" ,perl)
|
||||
("pkg-config" ,pkg-config) ; needed to find libtiff
|
||||
("python" ,python-wrapper)
|
||||
("tcl" ,tcl)))
|
||||
(outputs '("out" "doc")) ;19 MiB of HTML/PS doc + examples
|
||||
(arguments
|
||||
`(#:disallowed-references ("doc")
|
||||
#:configure-flags
|
||||
(list "--with-system-libtiff"
|
||||
"LIBS=-lz"
|
||||
(string-append "ZLIBDIR="
|
||||
(assoc-ref %build-inputs "zlib") "/include")
|
||||
"--enable-dynamic")
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-after 'configure 'patch-config-files
|
||||
(add-after 'unpack 'fix-doc-dir
|
||||
(lambda _
|
||||
(substitute* "base/all-arch.mak"
|
||||
(("/bin/sh") (which "sh")))
|
||||
(substitute* "base/unixhead.mak"
|
||||
(("/bin/sh") (which "sh")))))
|
||||
;; Honor --docdir.
|
||||
(substitute* "Makefile.in"
|
||||
(("^docdir=.*$") "docdir = @docdir@\n")
|
||||
(("^exdir=.*$") "exdir = $(docdir)/examples\n"))
|
||||
#t))
|
||||
(add-after 'configure 'remove-doc-reference
|
||||
(lambda _
|
||||
;; Don't retain a reference to the 'doc' output in 'gs'.
|
||||
|
@ -184,11 +178,17 @@ printing, and psresize, for adjusting page sizes.")
|
|||
;; 'gs --help', so this change is fine.
|
||||
(substitute* "base/gscdef.c"
|
||||
(("GS_DOCDIR")
|
||||
"\"~/.guix-profile/share/doc/ghostscript\""))))
|
||||
"\"~/.guix-profile/share/doc/ghostscript\""))
|
||||
#t))
|
||||
(add-after 'configure 'patch-config-files
|
||||
(lambda _
|
||||
(substitute* "base/unixhead.mak"
|
||||
(("/bin/sh") (which "sh")))
|
||||
#t))
|
||||
(replace 'build
|
||||
(lambda _
|
||||
;; Build 'libgs.so', but don't build the statically-linked 'gs'
|
||||
;; binary (saves 18 MiB).
|
||||
;; binary (saves 22 MiB).
|
||||
(zero? (system* "make" "so" "-j"
|
||||
(number->string (parallel-job-count))))))
|
||||
(replace 'install
|
||||
|
@ -197,17 +197,30 @@ printing, and psresize, for adjusting page sizes.")
|
|||
(add-after 'install 'create-gs-symlink
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(let ((out (assoc-ref outputs "out")))
|
||||
;; some programs depend on having a 'gs' binary available
|
||||
(symlink "gsc" (string-append out "/bin/gs"))))))))
|
||||
;; Some programs depend on having a 'gs' binary available.
|
||||
(symlink "gsc" (string-append out "/bin/gs"))
|
||||
#t))))))
|
||||
(native-inputs
|
||||
`(("perl" ,perl)
|
||||
("python" ,python-wrapper)
|
||||
("tcl" ,tcl)))
|
||||
(inputs
|
||||
`(("freetype" ,freetype)
|
||||
("jbig2dec" ,jbig2dec)
|
||||
("lcms2" ,lcms)
|
||||
("libjpeg" ,libjpeg)
|
||||
("libpaper" ,libpaper)
|
||||
("libpng" ,libpng)
|
||||
("libtiff" ,libtiff)
|
||||
("zlib" ,zlib)))
|
||||
(synopsis "PostScript and PDF interpreter")
|
||||
(description
|
||||
"Ghostscript is an interpreter for the PostScript language and the PDF
|
||||
file format. It also includes a C library that implements the graphics
|
||||
capabilities of the PostScript language. It supports a wide variety of
|
||||
output file formats and printers.")
|
||||
(license license:agpl3+)
|
||||
(home-page "https://www.gnu.org/software/ghostscript/")
|
||||
(properties '((upstream-name . "gnu-ghostscript")))))
|
||||
(home-page "https://www.ghostscript.com/")
|
||||
(license license:agpl3+)))
|
||||
|
||||
(define-public ghostscript/x
|
||||
(package/inherit ghostscript
|
||||
|
|
|
@ -1,85 +0,0 @@
|
|||
The following patch was adapted for GNU Ghostscript
|
||||
by Mark H Weaver <mhw@netris.org> based on:
|
||||
|
||||
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8
|
||||
|
||||
From ab109aaeb3ddba59518b036fb288402a65cf7ce8 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Sat, 5 Mar 2016 14:56:03 -0800
|
||||
Subject: [PATCH] Bug 694724: Have filenameforall and getenv honor SAFER
|
||||
|
||||
---
|
||||
Resource/Init/gs_init.ps | 2 ++
|
||||
psi/zfile.c | 36 ++++++++++++++++++++----------------
|
||||
2 files changed, 22 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
|
||||
index fa33d88..99888ac 100644
|
||||
--- a/Resource/Init/gs_init.ps
|
||||
+++ b/Resource/Init/gs_init.ps
|
||||
@@ -2018,6 +2018,7 @@ readonly def
|
||||
|
||||
/.locksafe {
|
||||
.locksafe_userparams
|
||||
+ systemdict /getenv {pop //false} put
|
||||
% setpagedevice has the side effect of clearing the page, but
|
||||
% we will just document that. Using setpagedevice keeps the device
|
||||
% properties and pagedevice .LockSafetyParams in agreement even
|
||||
@@ -2036,6 +2037,7 @@ readonly def
|
||||
%%
|
||||
/.locksafeglobal {
|
||||
.locksafe_userparams
|
||||
+ systemdict /getenv {pop //false} put
|
||||
% setpagedevice has the side effect of clearing the page, but
|
||||
% we will just document that. Using setpagedevice keeps the device
|
||||
% properties and pagedevice .LockSafetyParams in agreement even
|
||||
diff --git a/psi/zfile.c b/psi/zfile.c
|
||||
index 320ecd5..0b9f299 100644
|
||||
--- a/psi/zfile.c
|
||||
+++ b/psi/zfile.c
|
||||
@@ -371,22 +371,26 @@ file_continue(i_ctx_t *i_ctx_p)
|
||||
|
||||
if (len < devlen)
|
||||
return_error(e_rangecheck); /* not even room for device len */
|
||||
- memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
|
||||
- code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
|
||||
- len - devlen);
|
||||
- if (code == ~(uint) 0) { /* all done */
|
||||
- esp -= 5; /* pop proc, pfen, devlen, iodev , mark */
|
||||
- return o_pop_estack;
|
||||
- } else if (code > len) /* overran string */
|
||||
- return_error(e_rangecheck);
|
||||
- else {
|
||||
- push(1);
|
||||
- ref_assign(op, pscratch);
|
||||
- r_set_size(op, code + devlen);
|
||||
- push_op_estack(file_continue); /* come again */
|
||||
- *++esp = pscratch[2]; /* proc */
|
||||
- return o_push_estack;
|
||||
- }
|
||||
+
|
||||
+ do {
|
||||
+ memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
|
||||
+ code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
|
||||
+ len - devlen);
|
||||
+ if (code == ~(uint) 0) { /* all done */
|
||||
+ esp -= 5; /* pop proc, pfen, devlen, iodev , mark */
|
||||
+ return o_pop_estack;
|
||||
+ } else if (code > len) /* overran string */
|
||||
+ return_error(e_rangecheck);
|
||||
+ else if (iodev != iodev_default(imemory)
|
||||
+ || (check_file_permissions_reduced(i_ctx_p, (char *)pscratch->value.bytes, code + devlen, "PermitFileReading")) == 0) {
|
||||
+ push(1);
|
||||
+ ref_assign(op, pscratch);
|
||||
+ r_set_size(op, code + devlen);
|
||||
+ push_op_estack(file_continue); /* come again */
|
||||
+ *++esp = pscratch[2]; /* proc */
|
||||
+ return o_push_estack;
|
||||
+ }
|
||||
+ } while(1);
|
||||
}
|
||||
/* Cleanup procedure for enumerating files */
|
||||
static int
|
||||
--
|
||||
2.9.1
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
The file names in the upstream patch below were modified to apply to GNU
|
||||
ghostscript.
|
||||
|
||||
From 0c0b0859ae1aba64861599f0e7f74f143f305932 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Tue, 7 Jul 2015 16:57:41 +0100
|
||||
Subject: [PATCH] Bug 696041: sanity check for memory allocation.
|
||||
|
||||
In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the
|
||||
variable holding the actual number of bytes we allocate.
|
||||
|
||||
No cluster differences
|
||||
---
|
||||
gs/base/gsmalloc.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/base/gsmalloc.c b/base/gsmalloc.c
|
||||
index 624552d..cad79c2 100644
|
||||
--- a/base/gsmalloc.c
|
||||
+++ b/base/gsmalloc.c
|
||||
@@ -178,7 +178,7 @@ gs_heap_alloc_bytes(gs_memory_t * mem, uint size, client_name_t cname)
|
||||
} else {
|
||||
uint added = size + sizeof(gs_malloc_block_t);
|
||||
|
||||
- if (mmem->limit - added < mmem->used)
|
||||
+ if (added <= size || mmem->limit - added < mmem->used)
|
||||
set_msg("exceeded limit");
|
||||
else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
|
||||
set_msg("failed");
|
||||
--
|
||||
2.4.6
|
||||
|
|
@ -1,185 +0,0 @@
|
|||
The following patch was adapted for GNU Ghostscript
|
||||
by Mark H Weaver <mhw@netris.org> based on:
|
||||
|
||||
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d
|
||||
|
||||
From 6d444c273da5499a4cd72f21cb6d4c9a5256807d Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Wed, 5 Oct 2016 09:55:55 +0100
|
||||
Subject: [PATCH] Bug 697178: Add a file permissions callback
|
||||
|
||||
For the rare occasions when the graphics library directly opens a file
|
||||
(currently for reading), this allows us to apply any restrictions on
|
||||
file access normally applied in the interpteter.
|
||||
---
|
||||
base/gsicc_manage.c | 10 ++++++----
|
||||
base/gslibctx.c | 12 +++++++++++-
|
||||
base/gslibctx.h | 7 +++++++
|
||||
psi/imain.c | 2 ++
|
||||
psi/int.mak | 2 +-
|
||||
psi/zfile.c | 19 +++++++++++++++++++
|
||||
psi/zfile.h | 7 +++++++
|
||||
7 files changed, 53 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c
|
||||
index 931c2a6..e9c09c3 100644
|
||||
--- a/base/gsicc_manage.c
|
||||
+++ b/base/gsicc_manage.c
|
||||
@@ -1028,10 +1028,12 @@ gsicc_open_search(const char* pname, int namelen, gs_memory_t *mem_gc,
|
||||
}
|
||||
|
||||
/* First just try it like it is */
|
||||
- str = sfopen(pname, "rb", mem_gc);
|
||||
- if (str != NULL) {
|
||||
- *strp = str;
|
||||
- return 0;
|
||||
+ if (gs_check_file_permission(mem_gc, pname, namelen, "r") >= 0) {
|
||||
+ str = sfopen(pname, "rb", mem_gc);
|
||||
+ if (str != NULL) {
|
||||
+ *strp = str;
|
||||
+ return 0;
|
||||
+ }
|
||||
}
|
||||
|
||||
/* If that fails, try %rom% */ /* FIXME: Not sure this is needed or correct */
|
||||
diff --git a/base/gslibctx.c b/base/gslibctx.c
|
||||
index eaa0458..37ce1ca 100644
|
||||
--- a/base/gslibctx.c
|
||||
+++ b/base/gslibctx.c
|
||||
@@ -121,7 +121,7 @@ int gs_lib_ctx_init( gs_memory_t *mem )
|
||||
mem->gs_lib_ctx = NULL;
|
||||
return -1;
|
||||
}
|
||||
-
|
||||
+ pio->client_check_file_permission = NULL;
|
||||
gp_get_realtime(pio->real_time_0);
|
||||
|
||||
return 0;
|
||||
@@ -262,3 +262,13 @@ void errflush(const gs_memory_t *mem)
|
||||
fflush(mem->gs_lib_ctx->fstderr);
|
||||
/* else nothing to flush */
|
||||
}
|
||||
+
|
||||
+int
|
||||
+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission)
|
||||
+{
|
||||
+ int code = 0;
|
||||
+ if (mem->gs_lib_ctx->client_check_file_permission != NULL) {
|
||||
+ code = mem->gs_lib_ctx->client_check_file_permission(mem, fname, len, permission);
|
||||
+ }
|
||||
+ return code;
|
||||
+}
|
||||
diff --git a/base/gslibctx.h b/base/gslibctx.h
|
||||
index 7a4e110..020e2d9 100644
|
||||
--- a/base/gslibctx.h
|
||||
+++ b/base/gslibctx.h
|
||||
@@ -32,6 +32,9 @@ typedef struct gs_fapi_server_s gs_fapi_server;
|
||||
# define gs_font_dir_DEFINED
|
||||
typedef struct gs_font_dir_s gs_font_dir;
|
||||
#endif
|
||||
+
|
||||
+typedef int (*client_check_file_permission_t) (gs_memory_t *mem, const char *fname, const int len, const char *permission);
|
||||
+
|
||||
typedef struct gs_lib_ctx_s
|
||||
{
|
||||
gs_memory_t *memory; /* mem->gs_lib_ctx->memory == mem */
|
||||
@@ -59,6 +62,7 @@ typedef struct gs_lib_ctx_s
|
||||
bool dict_auto_expand; /* ps dictionary: false level 1 true level 2 or 3 */
|
||||
/* A table of local copies of the IODevices */
|
||||
struct gx_io_device_s **io_device_table;
|
||||
+ client_check_file_permission_t client_check_file_permission;
|
||||
/* Define the default value of AccurateScreens that affects setscreen
|
||||
and setcolorscreen. */
|
||||
bool screen_accurate_screens;
|
||||
@@ -108,6 +112,9 @@ int
|
||||
void gs_lib_ctx_set_icc_directory(const gs_memory_t *mem_gc, const char* pname,
|
||||
int dir_namelen);
|
||||
|
||||
+int
|
||||
+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission);
|
||||
+
|
||||
#define IS_LIBCTX_STDOUT(mem, f) (f == mem->gs_lib_ctx->fstdout)
|
||||
#define IS_LIBCTX_STDERR(mem, f) (f == mem->gs_lib_ctx->fstderr)
|
||||
|
||||
diff --git a/psi/imain.c b/psi/imain.c
|
||||
index 9a9bb5d..6874128 100644
|
||||
--- a/psi/imain.c
|
||||
+++ b/psi/imain.c
|
||||
@@ -57,6 +57,7 @@
|
||||
#include "ivmspace.h"
|
||||
#include "idisp.h" /* for setting display device callback */
|
||||
#include "iplugin.h"
|
||||
+#include "zfile.h"
|
||||
|
||||
#ifdef PACIFY_VALGRIND
|
||||
#include "valgrind.h"
|
||||
@@ -215,6 +216,7 @@ gs_main_init1(gs_main_instance * minst)
|
||||
"the_gs_name_table");
|
||||
if (code < 0)
|
||||
return code;
|
||||
+ mem->gs_lib_ctx->client_check_file_permission = z_check_file_permissions;
|
||||
}
|
||||
code = obj_init(&minst->i_ctx_p, &idmem); /* requires name_init */
|
||||
if (code < 0)
|
||||
diff --git a/psi/int.mak b/psi/int.mak
|
||||
index 4654afc..bb30d51 100644
|
||||
--- a/psi/int.mak
|
||||
+++ b/psi/int.mak
|
||||
@@ -1868,7 +1868,7 @@ $(PSOBJ)imain.$(OBJ) : $(PSSRC)imain.c $(GH) $(memory__h) $(string__h)\
|
||||
$(ialloc_h) $(iconf_h) $(idebug_h) $(idict_h) $(idisp_h) $(iinit_h)\
|
||||
$(iname_h) $(interp_h) $(iplugin_h) $(isave_h) $(iscan_h) $(ivmspace_h)\
|
||||
$(iinit_h) $(main_h) $(oper_h) $(ostack_h)\
|
||||
- $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h)
|
||||
+ $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) $(zfile_h)
|
||||
$(PSCC) $(PSO_)imain.$(OBJ) $(C_) $(PSSRC)imain.c
|
||||
|
||||
#****** $(CCINT) interp.c
|
||||
diff --git a/psi/zfile.c b/psi/zfile.c
|
||||
index 2c6c958..2f27f82 100644
|
||||
--- a/psi/zfile.c
|
||||
+++ b/psi/zfile.c
|
||||
@@ -197,6 +197,25 @@ check_file_permissions(i_ctx_t *i_ctx_p, const char *fname, int len,
|
||||
return check_file_permissions_reduced(i_ctx_p, fname_reduced, rlen, permitgroup);
|
||||
}
|
||||
|
||||
+/* z_check_file_permissions: see zfile.h for explanation
|
||||
+ */
|
||||
+int
|
||||
+z_check_file_permissions(gs_memory_t *mem, const char *fname, const int len, const char *permission)
|
||||
+{
|
||||
+ i_ctx_t *i_ctx_p = get_minst_from_memory(mem)->i_ctx_p;
|
||||
+ gs_parsed_file_name_t pname;
|
||||
+ const char *permitgroup = permission[0] == 'r' ? "PermitFileReading" : "PermitFileWriting";
|
||||
+ int code = gs_parse_file_name(&pname, fname, len, imemory);
|
||||
+ if (code < 0)
|
||||
+ return code;
|
||||
+
|
||||
+ if (pname.iodev && i_ctx_p->LockFilePermissions && strcmp(pname.iodev->dname, "%pipe%") == 0)
|
||||
+ return e_invalidfileaccess;
|
||||
+
|
||||
+ code = check_file_permissions(i_ctx_p, fname, len, permitgroup);
|
||||
+ return code;
|
||||
+}
|
||||
+
|
||||
/* <name_string> <access_string> file <file> */
|
||||
int /* exported for zsysvm.c */
|
||||
zfile(i_ctx_t *i_ctx_p)
|
||||
diff --git a/psi/zfile.h b/psi/zfile.h
|
||||
index fdf1373..a9399c7 100644
|
||||
--- a/psi/zfile.h
|
||||
+++ b/psi/zfile.h
|
||||
@@ -22,4 +22,11 @@
|
||||
int zopen_file(i_ctx_t *i_ctx_p, const gs_parsed_file_name_t *pfn,
|
||||
const char *file_access, stream **ps, gs_memory_t *mem);
|
||||
|
||||
+/* z_check_file_permissions: a callback (via mem->gs_lib_ctx->client_check_file_permission)
|
||||
+ * to allow applying the above permissions checks when opening file(s) from
|
||||
+ * the graphics library
|
||||
+ */
|
||||
+int
|
||||
+z_check_file_permissions(gs_memory_t *mem, const char *fname,
|
||||
+ const int len, const char *permission);
|
||||
#endif
|
||||
--
|
||||
2.9.1
|
||||
|
|
@ -1,25 +0,0 @@
|
|||
From 6f749c0c44e7b9e09737b9f29edf29925a34f0cf Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Wed, 5 Oct 2016 09:59:25 +0100
|
||||
Subject: [PATCH] Bug 697179: Reference count device icc profile
|
||||
|
||||
when copying a device
|
||||
---
|
||||
base/gsdevice.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/base/gsdevice.c b/base/gsdevice.c
|
||||
index 778106f..aea986a 100644
|
||||
--- a/base/gsdevice.c
|
||||
+++ b/base/gsdevice.c
|
||||
@@ -614,6 +614,7 @@ gx_device_init(gx_device * dev, const gx_device * proto, gs_memory_t * mem,
|
||||
dev->memory = mem;
|
||||
dev->retained = !internal;
|
||||
rc_init(dev, mem, (internal ? 0 : 1));
|
||||
+ rc_increment(dev->icc_struct);
|
||||
}
|
||||
|
||||
void
|
||||
--
|
||||
2.9.1
|
||||
|
|
@ -1,48 +0,0 @@
|
|||
The following patch was adapted for GNU Ghostscript
|
||||
by Mark H Weaver <mhw@netris.org> based on:
|
||||
|
||||
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=875a0095f37626a721c7ff57d606a0f95af03913
|
||||
|
||||
From 875a0095f37626a721c7ff57d606a0f95af03913 Mon Sep 17 00:00:00 2001
|
||||
From: Ken Sharp <ken.sharp@artifex.com>
|
||||
Date: Wed, 5 Oct 2016 10:10:58 +0100
|
||||
Subject: [PATCH] DSC parser - validate parameters
|
||||
|
||||
Bug #697190 ".initialize_dsc_parser doesn't validate the parameter is a dict type before using it."
|
||||
|
||||
Regardless of any security implications, its simply wrong for a PostScript
|
||||
operator not to validate its parameter(s).
|
||||
|
||||
No differences expected.
|
||||
---
|
||||
psi/zdscpars.c | 13 +++++++++----
|
||||
1 file changed, 9 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/psi/zdscpars.c b/psi/zdscpars.c
|
||||
index c05e154..9b4b605 100644
|
||||
--- a/psi/zdscpars.c
|
||||
+++ b/psi/zdscpars.c
|
||||
@@ -150,11 +150,16 @@ zinitialize_dsc_parser(i_ctx_t *i_ctx_p)
|
||||
ref local_ref;
|
||||
int code;
|
||||
os_ptr const op = osp;
|
||||
- dict * const pdict = op->value.pdict;
|
||||
- gs_memory_t * const mem = (gs_memory_t *)dict_memory(pdict);
|
||||
- dsc_data_t * const data =
|
||||
- gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
|
||||
+ dict *pdict;
|
||||
+ gs_memory_t *mem;
|
||||
+ dsc_data_t *data;
|
||||
|
||||
+ check_read_type(*op, t_dictionary);
|
||||
+
|
||||
+ pdict = op->value.pdict;
|
||||
+ mem = (gs_memory_t *)dict_memory(pdict);
|
||||
+
|
||||
+ data = gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
|
||||
if (!data)
|
||||
return_error(e_VMerror);
|
||||
data->document_level = 0;
|
||||
--
|
||||
2.9.1
|
||||
|
|
@ -1,47 +0,0 @@
|
|||
The following patch was adapted for GNU Ghostscript
|
||||
by Mark H Weaver <mhw@netris.org> based on:
|
||||
|
||||
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78
|
||||
|
||||
From f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Sat, 8 Oct 2016 16:10:27 +0100
|
||||
Subject: [PATCH] Bug 697203: check for sufficient params in .sethalftone5
|
||||
|
||||
and param types
|
||||
---
|
||||
psi/zht2.c | 12 ++++++++++--
|
||||
1 file changed, 10 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/psi/zht2.c b/psi/zht2.c
|
||||
index fb4a264..dfa27a4 100644
|
||||
--- a/psi/zht2.c
|
||||
+++ b/psi/zht2.c
|
||||
@@ -82,14 +82,22 @@ zsethalftone5(i_ctx_t *i_ctx_p)
|
||||
gs_memory_t *mem;
|
||||
uint edepth = ref_stack_count(&e_stack);
|
||||
int npop = 2;
|
||||
- int dict_enum = dict_first(op);
|
||||
+ int dict_enum;
|
||||
ref rvalue[2];
|
||||
int cname, colorant_number;
|
||||
byte * pname;
|
||||
uint name_size;
|
||||
int halftonetype, type = 0;
|
||||
gs_state *pgs = igs;
|
||||
- int space_index = r_space_index(op - 1);
|
||||
+ int space_index;
|
||||
+
|
||||
+ if (ref_stack_count(&o_stack) < 2)
|
||||
+ return_error(e_stackunderflow);
|
||||
+ check_type(*op, t_dictionary);
|
||||
+ check_type(*(op - 1), t_dictionary);
|
||||
+
|
||||
+ dict_enum = dict_first(op);
|
||||
+ space_index = r_space_index(op - 1);
|
||||
|
||||
mem = (gs_memory_t *) idmemory->spaces_indexed[space_index];
|
||||
|
||||
--
|
||||
2.9.1
|
||||
|
|
@ -1,15 +1,60 @@
|
|||
Fix CVE-2017-8291:
|
||||
|
||||
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8291
|
||||
https://bugs.ghostscript.com/show_bug.cgi?id=697799
|
||||
https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate)
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8291
|
||||
|
||||
This patch is adapted from these two Artifex Ghostscript commits by Leo
|
||||
Famulari <leo@famulari.name>:
|
||||
Patches copied from upstream source repository:
|
||||
|
||||
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d;hp=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
|
||||
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3;hp=5603e8fc3e59c435318877efe627967ee6baebb8
|
||||
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
|
||||
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
|
||||
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e
|
||||
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad
|
||||
|
||||
From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Thu, 27 Apr 2017 13:03:33 +0100
|
||||
Subject: [PATCH] Bug 697799: have .eqproc check its parameters
|
||||
|
||||
The Ghostscript custom operator .eqproc was not check the number or type of
|
||||
the parameters it was given.
|
||||
---
|
||||
psi/zmisc3.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/psi/zmisc3.c b/psi/zmisc3.c
|
||||
index 54b304246..37293ff4b 100644
|
||||
--- a/psi/zmisc3.c
|
||||
+++ b/psi/zmisc3.c
|
||||
@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
|
||||
ref2_t stack[MAX_DEPTH + 1];
|
||||
ref2_t *top = stack;
|
||||
|
||||
+ if (ref_stack_count(&o_stack) < 2)
|
||||
+ return_error(gs_error_stackunderflow);
|
||||
+ if (!r_is_array(op - 1) || !r_is_array(op)) {
|
||||
+ return_error(gs_error_typecheck);
|
||||
+ }
|
||||
+
|
||||
make_array(&stack[0].proc1, 0, 1, op - 1);
|
||||
make_array(&stack[0].proc2, 0, 1, op);
|
||||
for (;;) {
|
||||
--
|
||||
2.13.0
|
||||
|
||||
From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Thu, 27 Apr 2017 13:21:31 +0100
|
||||
Subject: [PATCH] Bug 697799: have .rsdparams check its parameters
|
||||
|
||||
The Ghostscript internal operator .rsdparams wasn't checking the number or
|
||||
type of the operands it was being passed. Do so.
|
||||
---
|
||||
psi/zfrsd.c | 22 +++++++++++++++-------
|
||||
1 file changed, 15 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/psi/zfrsd.c b/psi/zfrsd.c
|
||||
index fb4bce9..2629afa 100644
|
||||
index 191107d8a..950588d69 100644
|
||||
--- a/psi/zfrsd.c
|
||||
+++ b/psi/zfrsd.c
|
||||
@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
|
||||
|
@ -24,9 +69,9 @@ index fb4bce9..2629afa 100644
|
|||
+ int code = 0;
|
||||
+
|
||||
+ if (ref_stack_count(&o_stack) < 1)
|
||||
+ return_error(e_stackunderflow);
|
||||
+ return_error(gs_error_stackunderflow);
|
||||
+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
|
||||
+ return_error(e_typecheck);
|
||||
+ return_error(gs_error_typecheck);
|
||||
+ }
|
||||
|
||||
make_empty_array(&empty_array, a_readonly);
|
||||
|
@ -35,15 +80,15 @@ index fb4bce9..2629afa 100644
|
|||
+ && dict_find_string(op, "Filter", &pFilter) > 0) {
|
||||
if (!r_is_array(pFilter)) {
|
||||
if (!r_has_type(pFilter, t_name))
|
||||
return_error(e_typecheck);
|
||||
return_error(gs_error_typecheck);
|
||||
@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
|
||||
return_error(e_typecheck);
|
||||
return_error(gs_error_typecheck);
|
||||
}
|
||||
}
|
||||
- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
|
||||
+ if (r_has_type(op, t_dictionary))
|
||||
+ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
|
||||
if (code < 0 && code != e_rangecheck) /* out-of-range int is ok, use 0 */
|
||||
if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */
|
||||
return code;
|
||||
- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
|
||||
- )
|
||||
|
@ -54,20 +99,97 @@ index fb4bce9..2629afa 100644
|
|||
push(1);
|
||||
op[-1] = *pFilter;
|
||||
if (pDecodeParms)
|
||||
--
|
||||
2.13.0
|
||||
|
||||
From 57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Wed, 3 May 2017 12:05:45 +0100
|
||||
Subject: [PATCH] Bug 697846: revision to commit 4f83478c88 (.eqproc)
|
||||
|
||||
When using the "DELAYBIND" feature, it turns out that .eqproc can be called with
|
||||
parameters that are not both procedures. In this case, it turns out, the
|
||||
expectation is for the operator to return 'false', rather than throw an error.
|
||||
---
|
||||
psi/zmisc3.c | 15 +++++++++++++--
|
||||
1 file changed, 13 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/psi/zmisc3.c b/psi/zmisc3.c
|
||||
index 54b3042..0d357f1 100644
|
||||
index 37293ff4b..3f01d39a3 100644
|
||||
--- a/psi/zmisc3.c
|
||||
+++ b/psi/zmisc3.c
|
||||
@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
|
||||
@@ -38,6 +38,15 @@ zcliprestore(i_ctx_t *i_ctx_p)
|
||||
return gs_cliprestore(igs);
|
||||
}
|
||||
|
||||
+static inline bool
|
||||
+eqproc_check_type(ref *r)
|
||||
+{
|
||||
+ return r_has_type(r, t_array)
|
||||
+ || r_has_type(r, t_mixedarray)
|
||||
+ || r_has_type(r, t_shortarray)
|
||||
+ || r_has_type(r, t_oparray);
|
||||
+}
|
||||
+
|
||||
/* <proc1> <proc2> .eqproc <bool> */
|
||||
/*
|
||||
* Test whether two procedures are equal to depth 10.
|
||||
@@ -58,8 +67,10 @@ zeqproc(i_ctx_t *i_ctx_p)
|
||||
|
||||
if (ref_stack_count(&o_stack) < 2)
|
||||
return_error(gs_error_stackunderflow);
|
||||
- if (!r_is_array(op - 1) || !r_is_array(op)) {
|
||||
- return_error(gs_error_typecheck);
|
||||
+ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
|
||||
+ make_false(op - 1);
|
||||
+ pop(1);
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
make_array(&stack[0].proc1, 0, 1, op - 1);
|
||||
--
|
||||
2.13.0
|
||||
|
||||
From ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Thu, 11 May 2017 14:07:48 +0100
|
||||
Subject: [PATCH] Bug 697892: fix check for op stack underflow.
|
||||
|
||||
In the original fix, I used the wrong method to check for stack underflow, this
|
||||
is using the correct method.
|
||||
---
|
||||
psi/zfrsd.c | 3 +--
|
||||
psi/zmisc3.c | 3 +--
|
||||
2 files changed, 2 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/psi/zfrsd.c b/psi/zfrsd.c
|
||||
index 950588d69..9c035b96d 100644
|
||||
--- a/psi/zfrsd.c
|
||||
+++ b/psi/zfrsd.c
|
||||
@@ -54,8 +54,7 @@ zrsdparams(i_ctx_t *i_ctx_p)
|
||||
uint i;
|
||||
int code = 0;
|
||||
|
||||
- if (ref_stack_count(&o_stack) < 1)
|
||||
- return_error(gs_error_stackunderflow);
|
||||
+ check_op(1);
|
||||
if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
|
||||
return_error(gs_error_typecheck);
|
||||
}
|
||||
diff --git a/psi/zmisc3.c b/psi/zmisc3.c
|
||||
index 3f01d39a3..43803b55b 100644
|
||||
--- a/psi/zmisc3.c
|
||||
+++ b/psi/zmisc3.c
|
||||
@@ -65,8 +65,7 @@ zeqproc(i_ctx_t *i_ctx_p)
|
||||
ref2_t stack[MAX_DEPTH + 1];
|
||||
ref2_t *top = stack;
|
||||
|
||||
+ if (ref_stack_count(&o_stack) < 2)
|
||||
+ return_error(e_stackunderflow);
|
||||
+ if (!r_is_array(op - 1) || !r_is_array(op)) {
|
||||
+ return_error(e_typecheck);
|
||||
+ }
|
||||
+
|
||||
make_array(&stack[0].proc1, 0, 1, op - 1);
|
||||
make_array(&stack[0].proc2, 0, 1, op);
|
||||
for (;;) {
|
||||
- if (ref_stack_count(&o_stack) < 2)
|
||||
- return_error(gs_error_stackunderflow);
|
||||
+ check_op(2);
|
||||
if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
|
||||
make_false(op - 1);
|
||||
pop(1);
|
||||
--
|
||||
2.13.0
|
||||
|
||||
|
|
|
@ -1,17 +1,18 @@
|
|||
This patch adds $(libdir) to the RUNPATH of 'gsc' and 'gsx'.
|
||||
|
||||
--- gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:45.386957927 +0200
|
||||
+++ gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:49.222982359 +0200
|
||||
@@ -91,11 +91,11 @@ $(GS_SO_MAJOR): $(GS_SO_MAJOR_MINOR)
|
||||
diff --git a/base/unix-dll.mak b/base/unix-dll.mak
|
||||
index 9d57a99..36ef1ff 100644
|
||||
--- a/base/unix-dll.mak
|
||||
+++ b/base/unix-dll.mak
|
||||
@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS)
|
||||
# Build the small Ghostscript loaders, with Gtk+ and without
|
||||
$(GSSOC_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
|
||||
$(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
|
||||
$(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \
|
||||
- -L$(BINDIR) -l$(GS_SO_BASE)
|
||||
+ -L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir)
|
||||
|
||||
$(GSSOX_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
|
||||
$(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
|
||||
$(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \
|
||||
- -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS)
|
||||
+ -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir)
|
||||
|
||||
# ------------------------- Recursive make targets ------------------------- #
|
||||
$(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS)
|
||||
$(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE)
|
||||
|
|
Loading…
Reference in New Issue