Applied patch from upstream to fix memory handling issue (bug #1087071).

Resolves: rhbz#1087071
This commit is contained in:
Tim Waugh 2014-06-04 11:11:19 +01:00
parent 50b6192323
commit 51ebf65bc1
2 changed files with 30 additions and 1 deletions

21
ghostscript-crash.patch Normal file
View File

@ -0,0 +1,21 @@
diff -up ghostscript-9.10/psi/ialloc.c.crash ghostscript-9.10/psi/ialloc.c
--- ghostscript-9.10/psi/ialloc.c.crash 2013-08-30 11:37:28.000000000 +0100
+++ ghostscript-9.10/psi/ialloc.c 2014-06-04 10:47:58.294526685 +0100
@@ -160,6 +160,7 @@ gs_alloc_ref_array(gs_ref_memory_t * mem
uint num_refs, client_name_t cname)
{
ref *obj;
+ int i;
/* If we're allocating a run of refs already, */
/* and we aren't about to overflow the maximum run length, use it. */
@@ -224,6 +225,9 @@ gs_alloc_ref_array(gs_ref_memory_t * mem
cp->where = (ref_packed *)obj;
}
}
+ for (i = 0; i < num_refs; i++) {
+ make_null(&(obj[i]));
+ }
make_array(parr, attrs | mem->space, num_refs, obj);
return 0;
}

View File

@ -5,7 +5,7 @@ Summary: A PostScript interpreter and renderer
Name: ghostscript Name: ghostscript
Version: %{gs_ver} Version: %{gs_ver}
Release: 2%{?dist} Release: 3%{?dist}
# Included CMap data is Redistributable, no modification permitted, # Included CMap data is Redistributable, no modification permitted,
# see http://bugzilla.redhat.com/487510 # see http://bugzilla.redhat.com/487510
@ -32,6 +32,7 @@ Patch8: ghostscript-gdevcups-debug-uninit.patch
Patch9: ghostscript-wrf-snprintf.patch Patch9: ghostscript-wrf-snprintf.patch
Patch10: ghostscript-gs694154.patch Patch10: ghostscript-gs694154.patch
Patch11: ghostscript-sys-zlib.patch Patch11: ghostscript-sys-zlib.patch
Patch12: ghostscript-crash.patch
Requires: urw-fonts >= 1.1, ghostscript-fonts Requires: urw-fonts >= 1.1, ghostscript-fonts
Requires: poppler-data Requires: poppler-data
@ -138,6 +139,9 @@ rm -rf expat freetype icclib jasper jpeg jpegxr lcms lcms2 libpng openjpeg zlib
# Fix build when using system zlib. # Fix build when using system zlib.
%patch11 -p1 -b .sys-zlib %patch11 -p1 -b .sys-zlib
# Prevent memory handling crash.
%patch12 -p1 -b .crash
# Convert manual pages to UTF-8 # Convert manual pages to UTF-8
from8859_1() { from8859_1() {
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_" iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@ -329,6 +333,10 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libgs.so %{_libdir}/libgs.so
%changelog %changelog
* Wed Jun 4 2014 Tim Waugh <twaugh@redhat.com> 9.14-3
- Applied patch from upstream to fix memory handling issue that could
lead to crashes (bug #1087071).
* Tue Jun 03 2014 Ralf Corsépius <corsepiu@fedoraproject.org> 9.14-2 * Tue Jun 03 2014 Ralf Corsépius <corsepiu@fedoraproject.org> 9.14-2
- Add %%{_datadir}/ghostscript/%%{gs_dot_ver}/Resource/IdiomSet - Add %%{_datadir}/ghostscript/%%{gs_dot_ver}/Resource/IdiomSet
(RHBZ #1100338). (RHBZ #1100338).