From 1e73cf4005b713d1917945a57183e2b00bcf9be1 Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Fri, 7 Sep 2018 12:22:49 -0400 Subject: [PATCH] add upstream fix for reading in ICC profiles --- ghostscript-9.24-002-icc-PermitReading.patch | 74 ++++++++++++++++++++ ghostscript.spec | 6 +- 2 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 ghostscript-9.24-002-icc-PermitReading.patch diff --git a/ghostscript-9.24-002-icc-PermitReading.patch b/ghostscript-9.24-002-icc-PermitReading.patch new file mode 100644 index 0000000..0015a5e --- /dev/null +++ b/ghostscript-9.24-002-icc-PermitReading.patch @@ -0,0 +1,74 @@ +From 08298edea32fa5f73bb3379473b45c9f9f6bd47a Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Fri, 7 Sep 2018 10:36:47 -0400 +Subject: [PATCH] + http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c8c01f8c4164 + http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13418541a5ae + +There was also an issue that the string being returned from the graphics +library was null terminated, and Postscript strings are not (and Ghostscript +strings are not necessarily). We leave the null termination in place, but +reduce the length returned by 1. + +The temp and ICC profile paths need to finish with wildcards to work correctly. +--- + Resource/Init/gs_init.ps | 9 +++++---- + base/gsicc_manage.c | 2 +- + 2 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps +index cac0e37..e61e879 100644 +--- a/Resource/Init/gs_init.ps ++++ b/Resource/Init/gs_init.ps +@@ -2027,7 +2027,7 @@ readonly def + << + /PermitFileReading [ + currentuserparams /PermitFileReading get aload pop +- //tempfilepaths aload pop ++ [//tempfilepaths aload pop] (*) .generate_dir_list_templates + /FONTPATH .systemvar (*) .generate_dir_list_templates + % Library files : + /LIBPATH .systemvar (*) .generate_dir_list_templates +@@ -2042,14 +2042,15 @@ readonly def + [ currentsystemparams /GenericResourceDir get] (*) .file_name_separator (*) + concatstrings concatstrings .generate_dir_list_templates + } if ++ currentuserparams /ICCProfilesDir known {[currentuserparams /ICCProfilesDir get] (*) .generate_dir_list_templates} if + ] + /PermitFileWriting [ + currentuserparams /PermitFileWriting get aload pop +- //tempfilepaths aload pop ++ [//tempfilepaths aload pop] (*) .generate_dir_list_templates + ] + /PermitFileControl [ + currentuserparams /PermitFileControl get aload pop +- //tempfilepaths aload pop ++ [//tempfilepaths aload pop] (*) .generate_dir_list_templates + ] + /LockFilePermissions //true + >> setuserparams +@@ -2132,7 +2133,7 @@ SAFER { .setsafeglobal } if + /.setshapealpha % transparency-example.ps + /.endtransparencygroup % transparency-example.ps + /.setdotlength % Bug687720.ps +- /.sort /.setdebug /.mementolistnewblocks /getenv ++ /.sort /.mementolistnewblocks /getenv + + /.makeoperator /.setCPSImode % gs_cet.ps, this won't work on cluster with -dSAFER + +diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c +index 69f05c4..ff685e7 100644 +--- a/base/gsicc_manage.c ++++ b/base/gsicc_manage.c +@@ -2972,7 +2972,7 @@ gs_currenticcdirectory(const gs_gstate * pgs, gs_param_string * pval) + pval->persistent = true; + } else { + pval->data = (const byte *)(lib_ctx->profiledir); +- pval->size = lib_ctx->profiledir_len; ++ pval->size = lib_ctx->profiledir_len - 1; + pval->persistent = false; + } + } +-- +2.17.1 + diff --git a/ghostscript.spec b/ghostscript.spec index 073a49f..35b88f6 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -43,7 +43,7 @@ Name: ghostscript Summary: Interpreter for PostScript language & PDF Version: 9.24 -Release: 1%{?dist} +Release: 2%{?dist} License: AGPLv3+ @@ -95,6 +95,7 @@ BuildRequires: libXt-devel #Patch000: example000.patch Patch000: ghostscript-9.24-000-let-CUPS-id-itself-as-DeviceN.patch Patch001: ghostscript-9.24-001-retain-LockSafetyParams.patch +Patch002: ghostscript-9.24-002-icc-PermitReading.patch # Downstream patches -- these should be always included when doing rebase: @@ -463,6 +464,9 @@ done # ============================================================================= %changelog +* Fri Sep 07 2018 Tom Callaway - 9.24-2 +- add upstream fix for reading in ICC profiles + * Wed Sep 05 2018 David Kaspar [Dee'Kej] - 9.24-1 - rebase to latest upstream version, which contains important CVE fixes - additional ZER0-DAY fixes added