rpms/ghostscript
7
0
Fork 0
Code Issues Pull Requests Releases Activity

specfile: rebase to upstream version 9.25

Browse Source 
Resolves: #1628875
This commit is contained in:
David Kaspar [Dee'Kej] 2018-09-17 12:12:27 +02:00
parent f782820b42
commit 40935870ea
7 changed files with 7 additions and 480 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -51,3 +51,4 @@ ghostscript-8.71.tar.xz
/ghostscript-9.22.tar.xz
/ghostscript-9.23.tar.xz
/ghostscript-9.24.tar.xz
/ghostscript-9.25.tar.xz

79
ghostscript-9.24-000-let-CUPS-id-itself-as-DeviceN.patch
View File

@ -1,79 +0,0 @@
From bc3df0773fccf4b4906a3e59652ad646ea0fee91 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Tue, 4 Sep 2018 17:01:08 +0100
Subject: [PATCH] For ICC profile validation, have cups id iteself as DeviceN
Give the range of color spaces and models that cups supports, we can't
reasonably provide (or expect others to provide) output ICC profiles for all
cases.
For the purpose of profile validation, have it claim to be DeviceN and benefit
from the extra tolerance in profiles allowed for that class of device.
---
cups/gdevcups.c | 15 ++++++++++++++-
devices/devs.mak | 2 +-
2 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/cups/gdevcups.c b/cups/gdevcups.c
index c1574f860..decd8eb35 100644
--- a/cups/gdevcups.c
+++ b/cups/gdevcups.c
@@ -70,6 +70,7 @@
#include "std.h" /* to stop stdlib.h redefining types */
#include "gdevprn.h"
#include "gsparam.h"
+#include "gxdevsop.h"
#include "arch.h"
#include "gsicc_manage.h"
@@ -252,6 +253,7 @@ private int cups_put_params(gx_device *, gs_param_list *);
private int cups_set_color_info(gx_device *);
private dev_proc_sync_output(cups_sync_output);
private prn_dev_proc_get_space_params(cups_get_space_params);
+private int cups_spec_op(gx_device *dev_, int op, void *data, int datasize);
#ifdef dev_t_proc_encode_color
private cm_map_proc_gray(cups_map_gray);
@@ -392,7 +394,7 @@ private gx_device_procs cups_procs =
NULL, /* push_transparency_state */
NULL, /* pop_transparency_state */
NULL, /* put_image */
-
+ cups_spec_op
};
#define prn_device_body_copies(dtype, procs, dname, w10, h10, xdpi, ydpi, lo, to, lm, bm, rm, tm, ncomp, depth, mg, mc, dg, dc, print_pages)\
@@ -5927,6 +5929,17 @@ cups_print_planar(gx_device_printer *pdev,
return (0);
}
+private int
+cups_spec_op(gx_device *dev_, int op, void *data, int datasize)
+{
+ /* Although not strictly DeviceN, the range of color models
+ this device supports presets similar issues.
+ */
+ if (op == gxdso_supports_devn) {
+ return true;
+ }
+ return gx_default_dev_spec_op(dev_, op, data, datasize);
+}
/*
*/
diff --git a/devices/devs.mak b/devices/devs.mak
index c85604cc0..e8654e566 100644
--- a/devices/devs.mak
+++ b/devices/devs.mak
@@ -1860,7 +1860,7 @@ $(DD)pwgraster.dev : $(lcups_dev) $(lcupsi_dev) $(cups_) $(GDEV) \
$(ADDMOD) $(DD)pwgraster -include $(lcups_dev)
$(ADDMOD) $(DD)pwgraster -include $(lcupsi_dev)
-$(DEVOBJ)gdevcups.$(OBJ) : $(LCUPSSRCDIR)$(D)gdevcups.c $(std_h) $(DEVS_MAK) $(MAKEDIRS)
+$(DEVOBJ)gdevcups.$(OBJ) : $(LCUPSSRCDIR)$(D)gdevcups.c $(std_h) $(gxdevsop_h) $(DEVS_MAK) $(MAKEDIRS)
$(CUPS_CC) $(DEVO_)gdevcups.$(OBJ) $(C_) $(CFLAGS) $(CUPSCFLAGS) \
$(I_)$(GLSRC) \
$(I_)$(DEVSRC) \
--
2.14.4

41
ghostscript-9.24-001-retain-LockSafetyParams.patch
View File

@ -1,41 +0,0 @@
From 5812b1b78fc4d36fdc293b7859de69241140d590 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Tue, 4 Sep 2018 23:18:46 +0100
Subject: [PATCH] Bug 699714: retain .LockSafetyParams through failed
.installpagedevice
In the event that the .trysetparams fails during .installpagedevice, catch the
error, and ensure that at least the .LockSafetyParams is set.
---
Resource/Init/gs_setpd.ps | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/Resource/Init/gs_setpd.ps b/Resource/Init/gs_setpd.ps
index bba3c8c0e..aee96149e 100644
--- a/Resource/Init/gs_setpd.ps
+++ b/Resource/Init/gs_setpd.ps
@@ -95,12 +95,19 @@ level2dict begin
{ % Since setpagedevice doesn't create new device objects,
% we must (carefully) reinstall the old parameters in
% the same device.
- .currentpagedevice pop //null currentdevice //null .trysetparams
+ .currentpagedevice pop //null currentdevice //null
+ {.trysetparams} .internalstopped
+ {
+ //null
+ } if
dup type /booleantype eq
{ pop pop }
- { % This should never happen!
+ {
SETPDDEBUG { (Error in .trysetparams!) = pstack flush } if
cleartomark pop pop pop
+ % if resetting the entire device state failed, at least put back the se
+ currentdevice //null //false mark /.LockSafetyParams .currentpagedevice pop
+ /.LockSafetyParams .knownget not {//false} if .putdeviceparamsonly
/.installpagedevice cvx /rangecheck signalerror
}
ifelse pop pop
--
2.14.4

98
ghostscript-9.24-002-fix-for-Canon-and-Kyocera-printers.patch
View File

@ -1,98 +0,0 @@
From 712a067cd6a9594a9b76b45cd27eaea49cbcfc88 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Thu, 6 Sep 2018 14:08:41 +0100
Subject: [PATCH 1/2] Bug 699722: Add the ICCProfilesDir to the PermitReading
list
There was also an issue that the string being returned from the graphics
library was null terminated, and Postscript strings are not (and Ghostscript
strings are not necessarily). We leave the null termination in place, but
reduce the length returned by 1.
---
Resource/Init/gs_init.ps | 1 +
base/gsicc_manage.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
index cac0e37..a378c0c 100644
--- a/Resource/Init/gs_init.ps
+++ b/Resource/Init/gs_init.ps
@@ -2042,6 +2042,7 @@ readonly def
[ currentsystemparams /GenericResourceDir get] (*) .file_name_separator (*)
concatstrings concatstrings .generate_dir_list_templates
} if
+ currentuserparams /ICCProfilesDir known {currentuserparams /ICCProfilesDir get} if
]
/PermitFileWriting [
currentuserparams /PermitFileWriting get aload pop
diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c
index 69f05c4..ff685e7 100644
--- a/base/gsicc_manage.c
+++ b/base/gsicc_manage.c
@@ -2972,7 +2972,7 @@ gs_currenticcdirectory(const gs_gstate * pgs, gs_param_string * pval)
pval->persistent = true;
} else {
pval->data = (const byte *)(lib_ctx->profiledir);
- pval->size = lib_ctx->profiledir_len;
+ pval->size = lib_ctx->profiledir_len - 1;
pval->persistent = false;
}
}
--
2.14.4
From 314399c34db06c4e75b097a50032f834204bc797 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Thu, 6 Sep 2018 18:40:05 +0100
Subject: [PATCH 2/2] Bug 699722 (2): add wildcards to the permissions paths.
The temp and ICC profile paths need to finish with wildcards to work correctly.
---
Resource/Init/gs_init.ps | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
index a378c0c..e61e879 100644
--- a/Resource/Init/gs_init.ps
+++ b/Resource/Init/gs_init.ps
@@ -2027,7 +2027,7 @@ readonly def
<<
/PermitFileReading [
currentuserparams /PermitFileReading get aload pop
- //tempfilepaths aload pop
+ [//tempfilepaths aload pop] (*) .generate_dir_list_templates
/FONTPATH .systemvar (*) .generate_dir_list_templates
% Library files :
/LIBPATH .systemvar (*) .generate_dir_list_templates
@@ -2042,15 +2042,15 @@ readonly def
[ currentsystemparams /GenericResourceDir get] (*) .file_name_separator (*)
concatstrings concatstrings .generate_dir_list_templates
} if
- currentuserparams /ICCProfilesDir known {currentuserparams /ICCProfilesDir get} if
+ currentuserparams /ICCProfilesDir known {[currentuserparams /ICCProfilesDir get] (*) .generate_dir_list_templates} if
]
/PermitFileWriting [
currentuserparams /PermitFileWriting get aload pop
- //tempfilepaths aload pop
+ [//tempfilepaths aload pop] (*) .generate_dir_list_templates
]
/PermitFileControl [
currentuserparams /PermitFileControl get aload pop
- //tempfilepaths aload pop
+ [//tempfilepaths aload pop] (*) .generate_dir_list_templates
]
/LockFilePermissions //true
>> setuserparams
@@ -2133,7 +2133,7 @@ SAFER { .setsafeglobal } if
/.setshapealpha % transparency-example.ps
/.endtransparencygroup % transparency-example.ps
/.setdotlength % Bug687720.ps
- /.sort /.setdebug /.mementolistnewblocks /getenv
+ /.sort /.mementolistnewblocks /getenv
/.makeoperator /.setCPSImode % gs_cet.ps, this won't work on cluster with -dSAFER
--
2.14.4

255
ghostscript-9.24-003-CVE-2018-16802.patch
View File

@ -1,255 +0,0 @@
From f7b90ef253ef928ba32d7aed75556b384738f025 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Wed, 5 Sep 2018 17:14:59 +0100
Subject: [PATCH 1/2] Bug 699718: Ensure stack space is available before
gsrestore call out
During a grestore, if the device is going to change, we call out to Postscript
to restore the device configuration, before returning to restore the graphics
state internally.
We have to ensure sufficient op stack space is available to complete the
operation, otherwise the device can end up an undefined state.
---
Resource/Init/gs_setpd.ps | 23 +++++++++++++-------
psi/zdevice2.c | 55 ++++++++++++++++++++++++++++++++++++-----------
2 files changed, 58 insertions(+), 20 deletions(-)
diff --git a/Resource/Init/gs_setpd.ps b/Resource/Init/gs_setpd.ps
index aee9614..8fa7c51 100644
--- a/Resource/Init/gs_setpd.ps
+++ b/Resource/Init/gs_setpd.ps
@@ -96,7 +96,7 @@ level2dict begin
% we must (carefully) reinstall the old parameters in
% the same device.
.currentpagedevice pop //null currentdevice //null
- {.trysetparams} .internalstopped
+ { .trysetparams } .internalstopped
{
//null
} if
@@ -104,25 +104,32 @@ level2dict begin
{ pop pop }
{
SETPDDEBUG { (Error in .trysetparams!) = pstack flush } if
- cleartomark pop pop pop
- % if resetting the entire device state failed, at least put back the se
- currentdevice //null //false mark /.LockSafetyParams .currentpagedevice pop
- /.LockSafetyParams .knownget not {//false} if .putdeviceparamsonly
+ {cleartomark pop pop pop} .internalstopped pop
+ % if resetting the entire device state failed, at least put back the
+ % security related key
+ currentdevice //null //false mark /.LockSafetyParams
+ currentpagedevice /.LockSafetyParams .knownget not
+ {systemdict /SAFER .knownget not {//false} } if
+ .putdeviceparamsonly
/.installpagedevice cvx /rangecheck signalerror
}
ifelse pop pop
% A careful reading of the Red Book reveals that an erasepage
% should occur, but *not* an initgraphics.
erasepage .beginpage
- } bind def
+ } bind executeonly def
/.uninstallpagedevice
- { 2 .endpage { .currentnumcopies //false .outputpage } if
+ {
+ {2 .endpage { .currentnumcopies //false .outputpage } if} .internalstopped pop
nulldevice
} bind def
(%grestorepagedevice) cvn
- { .uninstallpagedevice grestore .installpagedevice
+ {
+ .uninstallpagedevice
+ grestore
+ .installpagedevice
} bind def
(%grestoreallpagedevice) cvn
diff --git a/psi/zdevice2.c b/psi/zdevice2.c
index 0c7080d..5447c8c 100644
--- a/psi/zdevice2.c
+++ b/psi/zdevice2.c
@@ -251,8 +251,8 @@ z2currentgstate(i_ctx_t *i_ctx_p)
/* ------ Wrappers for operators that reset the graphics state. ------ */
/* Check whether we need to call out to restore the page device. */
-static bool
-restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
+static int
+restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate * pgs_new)
{
gx_device *dev_old = gs_currentdevice(pgs_old);
gx_device *dev_new;
@@ -260,9 +260,10 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
gx_device *dev_t2;
bool samepagedevice = obj_eq(dev_old->memory, &gs_int_gstate(pgs_old)->pagedevice,
&gs_int_gstate(pgs_new)->pagedevice);
+ bool LockSafetyParams = dev_old->LockSafetyParams;
if ((dev_t1 = (*dev_proc(dev_old, get_page_device)) (dev_old)) == 0)
- return false;
+ return 0;
/* If we are going to putdeviceparams in a callout, we need to */
/* unlock temporarily. The device will be re-locked as needed */
/* by putdeviceparams from the pgs_old->pagedevice dict state. */
@@ -271,23 +272,44 @@ restore_page_device(const gs_gstate * pgs_old, const gs_gstate * pgs_new)
dev_new = gs_currentdevice(pgs_new);
if (dev_old != dev_new) {
if ((dev_t2 = (*dev_proc(dev_new, get_page_device)) (dev_new)) == 0)
- return false;
- if (dev_t1 != dev_t2)
- return true;
+ samepagedevice = true;
+ else if (dev_t1 != dev_t2)
+ samepagedevice = false;
+ }
+
+ if (LockSafetyParams && !samepagedevice) {
+ os_ptr op = osp;
+ const int max_ops = 512;
+
+ /* The %grestorepagedevice must complete: the biggest danger
+ is operand stack overflow. As we use get/putdeviceparams
+ that means pushing all the device params onto the stack,
+ pdfwrite having by far the largest number of parameters
+ at (currently) 212 key/value pairs - thus needing (currently)
+ 424 entries on the op stack. Allowing for working stack
+ space, and safety margin.....
+ */
+ if (max_ops > op - osbot) {
+ if (max_ops >= ref_stack_count(&o_stack))
+ return_error(gs_error_stackoverflow);
+ }
}
/*
* The current implementation of setpagedevice just sets new
* parameters in the same device object, so we have to check
* whether the page device dictionaries are the same.
*/
- return !samepagedevice;
+ return samepagedevice ? 0 : 1;
}
/* - grestore - */
static int
z2grestore(i_ctx_t *i_ctx_p)
{
- if (!restore_page_device(igs, gs_gstate_saved(igs)))
+ int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
+ if (code < 0) return code;
+
+ if (code == 0)
return gs_grestore(igs);
return push_callout(i_ctx_p, "%grestorepagedevice");
}
@@ -297,7 +319,9 @@ static int
z2grestoreall(i_ctx_t *i_ctx_p)
{
for (;;) {
- if (!restore_page_device(igs, gs_gstate_saved(igs))) {
+ int code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
+ if (code < 0) return code;
+ if (code == 0) {
bool done = !gs_gstate_saved(gs_gstate_saved(igs));
gs_grestore(igs);
@@ -328,11 +352,15 @@ z2restore(i_ctx_t *i_ctx_p)
if (code < 0) return code;
while (gs_gstate_saved(gs_gstate_saved(igs))) {
- if (restore_page_device(igs, gs_gstate_saved(igs)))
+ code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
+ if (code < 0) return code;
+ if (code > 0)
return push_callout(i_ctx_p, "%restore1pagedevice");
gs_grestore(igs);
}
- if (restore_page_device(igs, gs_gstate_saved(igs)))
+ code = restore_page_device(i_ctx_p, igs, gs_gstate_saved(igs));
+ if (code < 0) return code;
+ if (code > 0)
return push_callout(i_ctx_p, "%restorepagedevice");
code = dorestore(i_ctx_p, asave);
@@ -355,9 +383,12 @@ static int
z2setgstate(i_ctx_t *i_ctx_p)
{
os_ptr op = osp;
+ int code;
check_stype(*op, st_igstate_obj);
- if (!restore_page_device(igs, igstate_ptr(op)))
+ code = restore_page_device(i_ctx_p, igs, igstate_ptr(op));
+ if (code < 0) return code;
+ if (code == 0)
return zsetgstate(i_ctx_p);
return push_callout(i_ctx_p, "%setgstatepagedevice");
}
--
2.14.4
From 9a1f4832bc862c2a449cd90c46b1ccc61a829d48 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Fri, 7 Sep 2018 08:07:12 +0100
Subject: [PATCH 2/2] Bug 699718(2): Improve/augment stack size checking
Improve the rebustness of the previous solution (previously it could trigger an
error when there *was* stack capacity available).
Remove redundant check: we don't need to check if the *current* stack size is
sufficient, before checking the maximum permitted stack size.
Also check the exec stack, as execstackoverflow can also cause the
Postscript call out to fail.
Lastly, in event of failure, put the LockSafetyParams flag back in the existing
device (this is only necessary because we don't enfore JOBSERVER mode).
Note: the Postscript callout (%grestorepagedevice) never pushes any dictionaries
on the dict stack - if that changes, we should check that stack, too.
---
psi/zdevice2.c | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/psi/zdevice2.c b/psi/zdevice2.c
index 5447c8c..159a0c0 100644
--- a/psi/zdevice2.c
+++ b/psi/zdevice2.c
@@ -278,8 +278,8 @@ restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate
}
if (LockSafetyParams && !samepagedevice) {
- os_ptr op = osp;
- const int max_ops = 512;
+ const int required_ops = 512;
+ const int required_es = 32;
/* The %grestorepagedevice must complete: the biggest danger
is operand stack overflow. As we use get/putdeviceparams
@@ -289,9 +289,16 @@ restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate
424 entries on the op stack. Allowing for working stack
space, and safety margin.....
*/
- if (max_ops > op - osbot) {
- if (max_ops >= ref_stack_count(&o_stack))
- return_error(gs_error_stackoverflow);
+ if (required_ops + ref_stack_count(&o_stack) >= ref_stack_max_count(&o_stack)) {
+ gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
+ return_error(gs_error_stackoverflow);
+ }
+ /* We also want enough exec stack space - 32 is an overestimate of
+ what we need to complete the Postscript call out.
+ */
+ if (required_es + ref_stack_count(&e_stack) >= ref_stack_max_count(&e_stack)) {
+ gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
+ return_error(gs_error_execstackoverflow);
}
}
/*
--
2.14.4

11
ghostscript.spec
View File

@ -42,8 +42,8 @@
Name: ghostscript
Summary: Interpreter for PostScript language & PDF
Version: 9.24
Release: 3%{?dist}
Version: 9.25
Release: 1%{?dist}
License: AGPLv3+
@ -93,10 +93,6 @@ BuildRequires: libXt-devel
# Upstream patches -- official upstream patches released by upstream since the
# ---------------- last rebase that are necessary for any reason:
#Patch000: example000.patch
Patch000: ghostscript-9.24-000-let-CUPS-id-itself-as-DeviceN.patch
Patch001: ghostscript-9.24-001-retain-LockSafetyParams.patch
Patch002: ghostscript-9.24-002-fix-for-Canon-and-Kyocera-printers.patch
Patch003: ghostscript-9.24-003-CVE-2018-16802.patch
# Downstream patches -- these should be always included when doing rebase:
@ -465,6 +461,9 @@ done
# =============================================================================
%changelog
* Mon Sep 17 2018 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.25-1
- rebase to latest upstream version to fix additional issues found in 9.24
* Fri Sep 14 2018 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.24-3
- ghostscript-9.24-002-icc-PermitReading.patch removed
- ghostscript-9.24-002-fix-for-Canon-and-Kyocera-printers.patch added (bug #1626818)

2
sources
View File

@ -1 +1 @@
SHA512 (ghostscript-9.24.tar.xz) = dcbeeb5d3dd5ccaf949dc4be68363c50b1d35e647be4790a50b1bbf5f259f1d9181f705be27bfca708c4d270f945ff4b24e3db10b57800c1ee0ea7a40931c547
SHA512 (ghostscript-9.25.tar.xz) = 7a1c0b7546ed523f50c1452d4a1c13fcf043d6060fc9708bbc4b543f66ecb1b619b6e71998094ac702ef44a2fd159b6523271de19b1cae352981ef51fb637651