Change SEARCH_HERE_FIRST default to make -P- default (bug #599564).

This commit is contained in:
Tim Waugh 2010-08-25 14:02:19 +01:00
parent b3e2cfe5e0
commit 5a5e48476c
2 changed files with 325 additions and 0 deletions

View File

@ -0,0 +1,318 @@
diff -up ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/bcwin32.mak
--- ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/bcwin32.mak 2010-08-25 14:00:12.290019965 +0100
@@ -78,13 +78,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
!ifndef SEARCH_HERE_FIRST
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
!endif
# Define the name of the interpreter initialization file.
diff -up ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macos-mcp.mak
--- ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/macos-mcp.mak 2010-08-25 14:00:12.297143504 +0100
@@ -53,12 +53,9 @@ GS_DOCDIR=:doc
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macosx.mak
--- ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST 2008-10-02 20:33:22.000000000 +0100
+++ ghostscript-8.71/base/macosx.mak 2010-08-25 14:00:12.327017571 +0100
@@ -78,12 +78,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST ghostscript-8.71/base/Makefile.in
--- ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST 2009-12-18 07:04:10.000000000 +0000
+++ ghostscript-8.71/base/Makefile.in 2010-08-25 14:00:12.335142758 +0100
@@ -96,12 +96,9 @@ GS_CACHE_DIR="~/.ghostscript/cache/"
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/msvclib.mak
--- ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST 2010-01-07 10:53:36.000000000 +0000
+++ ghostscript-8.71/base/msvclib.mak 2010-08-25 14:00:12.359017810 +0100
@@ -49,13 +49,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
!ifndef SEARCH_HERE_FIRST
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
!endif
# Define the name of the interpreter initialization file.
diff -up ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mak
--- ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/openvms.mak 2010-08-25 14:00:12.382018536 +0100
@@ -68,12 +68,9 @@ GS_LIB_DEFAULT=GS_ROOT:[RESOURCE.INIT],G
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mmk
--- ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000
+++ ghostscript-8.71/base/openvms.mmk 2010-08-25 14:00:12.408142641 +0100
@@ -73,12 +73,9 @@ GS_LIB_DEFAULT=GS_LIB
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/ugcclib.mak
--- ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST 2008-11-05 20:41:22.000000000 +0000
+++ ghostscript-8.71/base/ugcclib.mak 2010-08-25 14:00:12.446144216 +0100
@@ -30,7 +30,7 @@ gsdir = /usr/local/share/ghostscript
gsdatadir = $(gsdir)/$(GS_DOT_VERSION)
GS_DOCDIR=$(gsdatadir)/doc
GS_LIB_DEFAULT=$(gsdatadir)/Resource/Init:$(gsdatadir)/lib:$(gsdatadir)/Resource/Font
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
GS_INIT=gs_init.ps
#GENOPT=-DDEBUG
diff -up ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unixansi.mak
--- ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/unixansi.mak 2010-08-25 14:00:12.485143635 +0100
@@ -73,12 +73,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unix-gcc.mak
--- ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST 2009-11-11 15:50:28.000000000 +0000
+++ ghostscript-8.71/base/unix-gcc.mak 2010-08-25 14:00:12.501143978 +0100
@@ -77,12 +77,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watclib.mak
--- ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000
+++ ghostscript-8.71/base/watclib.mak 2010-08-25 14:00:12.509143140 +0100
@@ -20,7 +20,7 @@ AROOTDIR=c:/gs
GSROOTDIR=$(AROOTDIR)/gs$(GS_DOT_VERSION)
GS_DOCDIR=$(GSROOTDIR)/doc
GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Init\;$(GSROOTDIR)/lib\;$(GSROOTDIR)/Resource/Font\;$(AROOTDIR)/fonts
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
GS_INIT=gs_init.ps
!ifndef DEBUG
diff -up ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watcw32.mak
--- ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/watcw32.mak 2010-08-25 14:00:12.525143422 +0100
@@ -54,11 +54,8 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST ghostscript-8.71/doc/Use.htm
--- ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000
+++ ghostscript-8.71/doc/Use.htm 2010-08-25 14:00:12.552143446 +0100
@@ -823,8 +823,8 @@ file name specifies an absolute path.
using the name given. Otherwise it tries directories in this order:
<ol>
-<li>The current directory (unless disabled by the
-<a href="#P-_switch"><code>-P-</code> switch</a>);
+<li>The current directory if enabled by the
+<a href="#P-_switch"><code>-P</code> switch</a>;
<li>The directories specified by <a href="#I_switch"><code>-I</code>
switches</a> in the command line, if any;
@@ -847,13 +847,10 @@ into the executable ;
directory or a list of directories separated by a character appropriate for
the operating system ("<code>:</code>" on Unix systems,
"<code>,</code>" on VMS systems, and
-"<code>;</code>" on MS Windows systems). We think that trying
-the current directory first is a very bad idea -- it opens serious security
-loopholes and can lead to very confusing errors if one has more than one
-version of Ghostscript in one's environment -- but when we attempted to
-change it, users insisted that we change it back. You can disable looking
-in the current directory first by using the
-<a href="#P_switch"><code>-P-</code> switch</a>.
+"<code>;</code>" on MS Windows systems).
+By default, Ghostscript no longer searches the current directory first
+but provides <a href="#P_switch"><code>-P</code> switch</a> for a degree
+of backward compatibility.
<p>
Note that Ghostscript does not use this file searching algorithm for the
@@ -2061,14 +2058,14 @@ for library files.
<dl>
<dt><a name="P_switch"></a><code>-P</code>
<dd>Makes Ghostscript look first in the current directory for library
-files. This is currently the default.
+files.
</dl>
<dl>
<dt><a name="P-_switch"></a><code>-P-</code>
<dd>Makes Ghostscript <b><em>not</em></b> look first in the current
directory for library files (unless, of course, the first explicitly
-supplied directory is "<code>.</code>").
+supplied directory is "<code>.</code>"). This is now the default.
</dl>
<h4><a name="Parameters"></a>Setting parameters</h4>
diff -up ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST ghostscript-8.71/man/gs.1
--- ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000
+++ ghostscript-8.71/man/gs.1 2010-08-25 14:00:12.562143368 +0100
@@ -208,6 +208,12 @@ whereas \fB\-sname=35\fR is equivalent t
.br
/name (35) def
.TP
+.B \-P
+Makes Ghostscript to look first in the current directory for library files.
+By default, Ghostscript no longer looks in the current directory,
+unless, of course, the first explicitly supplied directory is "." in \fB-I\fR.
+See also the \fBINITIALIZATION FILES\fR section below, and bundled
+\fBUse.htm\fR for detailed discussion on search paths and how Ghostcript finds files.
.B \-q
Quiet startup: suppress normal startup messages, and also do the
equivalent of \fB\-dQUIET\fR.
diff -up ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/msvc32.mak
--- ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST 2010-02-02 18:14:37.000000000 +0000
+++ ghostscript-8.71/psi/msvc32.mak 2010-08-25 14:00:12.594142799 +0100
@@ -100,13 +100,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
!ifndef SEARCH_HERE_FIRST
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
!endif
# Define the name of the interpreter initialization file.
diff -up ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/os2.mak
--- ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/psi/os2.mak 2010-08-25 14:00:12.621143319 +0100
@@ -54,12 +54,9 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security
-# and confusion problems, but users insist on it.
-# NOTE: this also affects searching for files named on the command line:
-# see the "File searching" section of Use.htm for full details.
-# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended.
+# and confusion problems, but may be convenient sometimes.
-SEARCH_HERE_FIRST=1
+SEARCH_HERE_FIRST=0
# Define the name of the interpreter initialization file.
# (There is no reason to change this.)
diff -up ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST ghostscript-8.71/toolbin/msvcxml.bat
--- ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST 2009-01-26 17:16:47.000000000 +0000
+++ ghostscript-8.71/toolbin/msvcxml.bat 2010-08-25 14:00:12.631143783 +0100
@@ -1428,7 +1428,7 @@ echo ^<UserMacro Name="GS_DOCDIR" Valu
echo ^<UserMacro Name="GS_INIT" Value="gs_init.ps" /^>
echo ^<UserMacro Name="GS_LIB_DEFAULT" Value="$(GSROOTDIR)/lib;$(GSROOTDIR)/Resource/Font;$(AROOTDIR)/fonts" /^>
echo ^<UserMacro Name="GS_REVISION" Value="$(GS_VERSION)" /^>
-echo ^<UserMacro Name="SEARCH_HERE_FIRST" Value="1" /^>
+echo ^<UserMacro Name="SEARCH_HERE_FIRST" Value="0" /^>
echo ^</VisualStudioPropertySheet^>
goto end

View File

@ -36,6 +36,7 @@ Patch18: ghostscript-tiff-default-strip-size.patch
Patch19: ghostscript-tiff-fixes.patch
Patch20: ghostscript-CVE-2010-1628.patch
Patch21: ghostscript-jbig2-image-refcount.patch
Patch22: ghostscript-SEARCH_HERE_FIRST.patch
Requires: urw-fonts >= 1.1, ghostscript-fonts
BuildRequires: xz
@ -169,6 +170,10 @@ rm -rf libpng zlib jpeg jasper
# Avoid another NULL pointer dereference in jbig2 code (bug #621569).
%patch21 -p1 -b .jbig2-image-refcount
# Change SEARCH_HERE_FIRST default to make -P- default instead of -P
# (bug #599564).
%patch22 -p1 -b .SEARCH_HERE_FIRST
# Convert manual pages to UTF-8
from8859_1() {
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@ -358,6 +363,8 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Wed Aug 25 2010 Tim Waugh <twaugh@redhat.com> 8.71-9
- Change SEARCH_HERE_FIRST default to make -P- default instead of -P
(bug #599564).
- Removed redundant gs-executable patch (bug #502550).
* Thu Aug 5 2010 Tim Waugh <twaugh@redhat.com> 8.71-8