From 51ebf65bc1b67e912672ebd05293a3f280419e13 Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Wed, 4 Jun 2014 11:11:19 +0100 Subject: [PATCH] Applied patch from upstream to fix memory handling issue (bug #1087071). Resolves: rhbz#1087071 --- ghostscript-crash.patch | 21 +++++++++++++++++++++ ghostscript.spec | 10 +++++++++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 ghostscript-crash.patch diff --git a/ghostscript-crash.patch b/ghostscript-crash.patch new file mode 100644 index 0000000..4cd24e8 --- /dev/null +++ b/ghostscript-crash.patch @@ -0,0 +1,21 @@ +diff -up ghostscript-9.10/psi/ialloc.c.crash ghostscript-9.10/psi/ialloc.c +--- ghostscript-9.10/psi/ialloc.c.crash 2013-08-30 11:37:28.000000000 +0100 ++++ ghostscript-9.10/psi/ialloc.c 2014-06-04 10:47:58.294526685 +0100 +@@ -160,6 +160,7 @@ gs_alloc_ref_array(gs_ref_memory_t * mem + uint num_refs, client_name_t cname) + { + ref *obj; ++ int i; + + /* If we're allocating a run of refs already, */ + /* and we aren't about to overflow the maximum run length, use it. */ +@@ -224,6 +225,9 @@ gs_alloc_ref_array(gs_ref_memory_t * mem + cp->where = (ref_packed *)obj; + } + } ++ for (i = 0; i < num_refs; i++) { ++ make_null(&(obj[i])); ++ } + make_array(parr, attrs | mem->space, num_refs, obj); + return 0; + } diff --git a/ghostscript.spec b/ghostscript.spec index 59ce7a0..eb8bef7 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -5,7 +5,7 @@ Summary: A PostScript interpreter and renderer Name: ghostscript Version: %{gs_ver} -Release: 2%{?dist} +Release: 3%{?dist} # Included CMap data is Redistributable, no modification permitted, # see http://bugzilla.redhat.com/487510 @@ -32,6 +32,7 @@ Patch8: ghostscript-gdevcups-debug-uninit.patch Patch9: ghostscript-wrf-snprintf.patch Patch10: ghostscript-gs694154.patch Patch11: ghostscript-sys-zlib.patch +Patch12: ghostscript-crash.patch Requires: urw-fonts >= 1.1, ghostscript-fonts Requires: poppler-data @@ -138,6 +139,9 @@ rm -rf expat freetype icclib jasper jpeg jpegxr lcms lcms2 libpng openjpeg zlib # Fix build when using system zlib. %patch11 -p1 -b .sys-zlib +# Prevent memory handling crash. +%patch12 -p1 -b .crash + # Convert manual pages to UTF-8 from8859_1() { iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_" @@ -329,6 +333,10 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/libgs.so %changelog +* Wed Jun 4 2014 Tim Waugh 9.14-3 +- Applied patch from upstream to fix memory handling issue that could + lead to crashes (bug #1087071). + * Tue Jun 03 2014 Ralf Corsépius 9.14-2 - Add %%{_datadir}/ghostscript/%%{gs_dot_ver}/Resource/IdiomSet (RHBZ #1100338).