Avoid another NULL pointer dereference in jbig2 code (bug #621569).

Tim Waugh 2010-08-05 16:15:23 +01:00
parent 4257a957f7
commit 2e84257b37
2 changed files with 33 additions and 1 deletions


@ -0,0 +1,25 @@
diff -up ghostscript-8.71/jbig2dec/jbig2_image.c.jbig2-image-refcount ghostscript-8.71/jbig2dec/jbig2_image.c
--- ghostscript-8.71/jbig2dec/jbig2_image.c.jbig2-image-refcount 2010-08-05 14:55:56.417043303 +0100
+++ ghostscript-8.71/jbig2dec/jbig2_image.c 2010-08-05 14:56:46.796169065 +0100
@@ -60,15 +60,18 @@ Jbig2Image* jbig2_image_new(Jbig2Ctx *ct
/* clone an image pointer by bumping its reference count */
Jbig2Image* jbig2_image_clone(Jbig2Ctx *ctx, Jbig2Image *image)
{
- image->refcount++;
+ if (image)
+ image->refcount++;
return image;
}
/* release an image pointer, freeing it it appropriate */
void jbig2_image_release(Jbig2Ctx *ctx, Jbig2Image *image)
{
- image->refcount--;
- if (!image->refcount) jbig2_image_free(ctx, image);
+ if (image) {
+ image->refcount--;
+ if (!image->refcount) jbig2_image_free(ctx, image);
+ }
}
/* free a Jbig2Image structure and its associated memory */
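Review bot: The new `if (image)` guard in jbig2_image_clone makes the function return NULL silently, so a caller that stores the result and dereferences it later would still crash, only further from the cause. The comment above it should state the contract, e.g. `/* clone an image pointer by bumping its reference count; a NULL image is returned unchanged and the caller must check for it */`, and the comment on jbig2_image_release should say that a NULL image is a no-op. JBIG2 streams arrive inside untrusted documents, so the call site that produced the NULL image (not visible in this patch) presumably still needs to report a decoding error rather than carry on without the image. The commit title says "another" NULL dereference, which suggests the callers of both functions are worth auditing together rather than guarding one helper at a time.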


@ -5,7 +5,7 @@ Summary: A PostScript interpreter and renderer.
Name: ghostscript
Version: %{gs_ver}
Release: 7%{?dist}
Release: 8%{?dist}
# Included CMap data is Redistributable, no modification permitted,
# see http://bugzilla.redhat.com/487510
@ -36,6 +36,7 @@ Patch17: ghostscript-tif-fail-close.patch
Patch18: ghostscript-tiff-default-strip-size.patch
Patch19: ghostscript-tiff-fixes.patch
Patch20: ghostscript-CVE-2010-1628.patch
Patch21: ghostscript-jbig2-image-refcount.patch
Requires: urw-fonts >= 1.1, ghostscript-fonts
BuildRequires: xz
@ -169,6 +170,9 @@ rm -rf libpng zlib jpeg jasper
# overflow, bug #592492).
%patch20 -p1 -b .CVE-2010-1628
# Avoid another NULL pointer dereference in jbig2 code (bug #621569).
%patch21 -p1 -b .jbig2-image-refcount
# Convert manual pages to UTF-8
from8859_1() {
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@ -357,6 +361,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libgs.so
%changelog
* Thu Aug 5 2010 Tim Waugh <twaugh@redhat.com> 8.71-8
- Avoid another NULL pointer dereference in jbig2 code (bug #621569).
* Fri Jul 16 2010 Tim Waugh <twaugh@redhat.com> 8.71-7
- Applied patch to fix CVE-2010-1628 (memory corruption at PS stack
overflow, bug #592492).