From 72b3dc74c8631f9e1c2dd9f0f6fe931065fd7f95 Mon Sep 17 00:00:00 2001
From: eabdullin
Date: Wed, 27 Mar 2024 19:46:00 +0000
Subject: [PATCH] import CS ghostscript-9.27-12.el8
---
 ...9.27-avoid-divide-by-zero-in-devices.patch | 88 +++++++++++++++++++
 SPECS/ghostscript.spec | 7 +-
 2 files changed, 94 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/ghostscript-9.27-avoid-divide-by-zero-in-devices.patch
diff --git a/SOURCES/ghostscript-9.27-avoid-divide-by-zero-in-devices.patch b/SOURCES/ghostscript-9.27-avoid-divide-by-zero-in-devices.patch
new file mode 100644
index 0000000..bbf1e1f
--- /dev/null
+++ b/SOURCES/ghostscript-9.27-avoid-divide-by-zero-in-devices.patch
@@ -0,0 +1,88 @@
+From f70ab2044429fe4b991801476ea3f4b4a5c0cdf4 Mon Sep 17 00:00:00 2001
+From: Julian Smith
+Date: Wed, 6 Nov 2019 11:46:10 +0000
+Subject: [PATCH 1/2] Bug 701843: avoid divide by zero caused by custom
+ resolution being too low.
+
+Fixes:
+ ./sanbin/gs -dBATCH -dNOPAUSE -dSAFER -r8 -dNOCIE -dFitPage -sOutputFile=tmp -sDEVICE=eps9mid ../bug-701843.pdf
+---
+ devices/gdevepsn.c | 19 +++++++++++++++----
+ 1 file changed, 15 insertions(+), 4 deletions(-)
+
+diff --git a/devices/gdevepsn.c b/devices/gdevepsn.c
+index 49faaf3d7..3e5388322 100644
+--- a/devices/gdevepsn.c
++++ b/devices/gdevepsn.c
+@@ -159,10 +159,10 @@ eps_print_page(gx_device_printer *pdev, gp_file *prn_stream, int y_9pin_high,
+ int line_size = gdev_mem_bytes_per_scan_line((gx_device *)pdev);
+ /* Note that in_size is a multiple of 8. */
+ int in_size = line_size * (8 * in_y_mult);
+- byte *buf1 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf1)");
+- byte *buf2 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf2)");
+- byte *in = buf1;
+- byte *out = buf2;
++ byte *buf1;
++ byte *buf2;
++ byte *in;
++ byte *out;
+ int out_y_mult = (y_24pin ? 3 : 1);
+ int x_dpi = (int)pdev->x_pixels_per_inch;
+ char start_graphics =
+@@ -174,6 +174,17 @@ eps_print_page(gx_device_printer *pdev, gp_file *prn_stream, int y_9pin_high,
+ int bytes_per_space = dots_per_space * out_y_mult;
+ int tab_min_pixels = x_dpi * MIN_TAB_10THS / 10;
+ int skip = 0, lnum = 0, pass, ypass;
++
++ if (bytes_per_space == 0) {
++ /* This avoids divide by zero later on, bug 701843. */
++ return_error(gs_error_rangecheck);
++ }
++
++ buf1 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf1)");
++ buf2 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf2)");
++ in = buf1;
++ out = buf2;
++
+
+ /* Check allocations */
+ if ( buf1 == 0 || buf2 == 0 )
+
+diff --git a/devices/gdevepsc.c b/devices/gdevepsc.c
+--- a/devices/gdevepsc.c
++++ b/devices/gdevepsc.c
+@@ -174,13 +174,7 @@
+ int y_mult = (y_24pin ? 3 : 1);
+ int line_size = (pdev->width + 7) >> 3; /* always mono */
+ int in_size = line_size * (8 * y_mult);
+- byte *in =
+- (byte *) gs_malloc(pdev->memory, in_size + 1, 1,
+- "epsc_print_page(in)");
+ int out_size = ((pdev->width + 7) & -8) * y_mult;
+- byte *out =
+- (byte *) gs_malloc(pdev->memory, out_size + 1, 1,
+- "epsc_print_page(out)");
+ int x_dpi = (int)pdev->x_pixels_per_inch;
+ char start_graphics = (char)
+ ((y_24pin ? graphics_modes_24 : graphics_modes_9)[x_dpi / 60]);
+@@ -195,6 +189,20 @@
+ int color_line_size, color_in_size;
+ int spare_bits = (pdev->width % 8); /* left over bits to go to margin */
+ int whole_bits = pdev->width - spare_bits;
++ byte *out;
++ byte *in;
++
++ if (bytes_per_space == 0) {
++ /* This avoids divide by zero later on, bug 701843. */
++ return_error(gs_error_rangecheck);
++ }
++
++ in =
++ (byte *) gs_malloc(pdev->memory, in_size + 1, 1,
++ "epsc_print_page(in)");
++ out =
++ (byte *) gs_malloc(pdev->memory, out_size + 1, 1,
++ "epsc_print_page(out)");
+
+ /* Check allocations */
+ if (in == 0 || out == 0) {
diff --git a/SPECS/ghostscript.spec b/SPECS/ghostscript.spec
index 6a4b9b5..8ec48a0 100644
--- a/SPECS/ghostscript.spec
+++ b/SPECS/ghostscript.spec
@@ -37,7 +37,7 @@ Name: ghostscript
 Summary: Interpreter for PostScript language & PDF
 Version: 9.27
-Release: 11%{?dist}
+Release: 12%{?dist}
 License: AGPLv3+
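Review bot: The table lookup `[x_dpi / 60]` in the devices/gdevepsc.c context still runs with no visible upper bound on `x_dpi`, ahead of the new `bytes_per_space == 0` guard, which only rejects a resolution that is too low. The resolution is caller-supplied (the patch's own reproducer passes `-r8`), so a large value could index past the end of `graphics_modes_9` / `graphics_modes_24` unless a check outside these hunks caps it; the table sizes are not shown here, so this needs confirming, and the matching lookup in devices/gdevepsn.c is cut off at the hunk edge. If nothing caps it, split that declaration the way the allocations were split and do the lookup after a range check such as `if (x_dpi < 0 || x_dpi / 60 >= mode_count) return_error(gs_error_rangecheck);`, where `mode_count` is a placeholder for the table length. Separately, the embedded patch header names only upstream commit f70ab2044429 and devices/gdevepsn.c ("[PATCH 1/2]", "1 file changed"), while the devices/gdevepsc.c section carries no `index` line or commit reference, so its origin should be recorded in that header for traceability. Both print-page functions start and end outside the hunks.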
@@ -112,6 +112,7 @@ Patch019: ghostscript-9.27-pdfwrite-Substituted-TTF-CIDFont-CID-hand.patch
 Patch020: ghostscript-9.27-CVE-2023-28879.patch
 Patch021: ghostscript-9.27-CVE-2023-38559.patch
 Patch022: ghostscript-9.27-CVE-2023-4042.patch
+Patch023: ghostscript-9.27-avoid-divide-by-zero-in-devices.patch
 # Downstream patches -- these should be always included when doing rebase:
@@ -452,6 +453,10 @@ done
 # =============================================================================
 %changelog
+* Tue Sep 19 2023 Richard Lescak - 9.27-12
+- fix to prevent divison by zero in devices
+- Resolves: rhbz#2235009
+
 * Fri Aug 04 2023 Richard Lescak - 9.27-11
 - fix for CVE-2023-4042
 - Resolves: rhbz#2228153