From a89e0b7920b34bdca37fc01a1289beaba36b3104 Mon Sep 17 00:00:00 2001 From: Richard Lescak Date: Fri, 9 Dec 2022 14:37:39 +0100 Subject: [PATCH] Fix loading of CIDFonts Resolves: rhbz#2138795 --- ...rent-VM-modes-during-CIDFont-loading.patch | 88 +++++++++++++++++++ ghostscript.spec | 6 +- 2 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 ghostscript-9.54.0-Deal-with-different-VM-modes-during-CIDFont-loading.patch diff --git a/ghostscript-9.54.0-Deal-with-different-VM-modes-during-CIDFont-loading.patch b/ghostscript-9.54.0-Deal-with-different-VM-modes-during-CIDFont-loading.patch new file mode 100644 index 0000000..180193a --- /dev/null +++ b/ghostscript-9.54.0-Deal-with-different-VM-modes-during-CIDFont-loading.patch @@ -0,0 +1,88 @@ +From 0b74b65ecc0f36d40b8d04a7fa1fa8b5f9d2b3ff Mon Sep 17 00:00:00 2001 +From: Chris Liddell +Date: Thu, 13 Oct 2022 14:55:28 +0100 +Subject: [PATCH] Deal with different VM modes during CIDFont loading + +To help differentiate between a substituted CIDFont and an embedded one, a +change was made to store the file path in the CIDFont dictionary. That change +failed to account for the possibility that the file object and the CIDFont +dictionary may not be in compatible VM modes. + +This adds code to ensure that the string holding the path is in a suitable VM +mode to be stored into the dictionary. + +Reported by Richard Lescak +--- + Resource/Init/gs_cidfn.ps | 23 +++++++++++++++++++---- + 1 file changed, 19 insertions(+), 4 deletions(-) + +diff --git a/Resource/Init/gs_cidfn.ps b/Resource/Init/gs_cidfn.ps +index 870a2e11c..fa050ed7a 100644 +--- a/Resource/Init/gs_cidfn.ps ++++ b/Resource/Init/gs_cidfn.ps +@@ -1,4 +1,4 @@ +-% Copyright (C) 2001-2021 Artifex Software, Inc. ++% Copyright (C) 2001-2022 Artifex Software, Inc. + % All Rights Reserved. + % + % This software is provided AS-IS with no warranty, either express or +@@ -36,6 +36,17 @@ + + 30 dict begin + ++/.gcompatstringcopy % .gcompatstringcopy ++{ ++ dup 2 index gcheck eq ++ { pop } ++ { ++ currentglobal 3 1 roll setglobal ++ dup length string copy ++ exch setglobal ++ } ifelse ++} bind def ++ + % The key in .cidfonttypes is the CIDFontType value; + % the value is a procedure that takes a font name and the CIDFont dictionary + % and replaces the latter with a real font. +@@ -58,7 +69,7 @@ dup 0 { + end + } if + 1 index exch .buildfont9 +- .currentresourcefile dup type /filetype eq { //.filename {1 index exch /ResourcePath exch put} if }{ pop} ifelse ++ .currentresourcefile dup type /filetype eq { //.filename {1 index gcheck //.gcompatstringcopy exec 1 index exch /ResourcePath exch put} if }{ pop} ifelse + exch pop + } put % Don't bind it here, because gs_fapi.ps redefines .buildfont9 + +@@ -138,10 +149,11 @@ dup 0 { + + % ------ CIDFontType 1 (FontType 10) ------ % + ++ + dup 1 { + 10 //.checkfonttype exec pop + 1 index exch .buildfont10 +- .currentresourcefile dup type /filetype eq { //.filename {1 index exch /ResourcePath exch put} if }{ pop} ifelse ++ .currentresourcefile dup type /filetype eq { //.filename {1 index gcheck //.gcompatstringcopy exec 1 index exch /ResourcePath exch put} if }{ pop} ifelse + exch pop + } put % Don't bind it here because gs_fapi.ps redefines .buildfont10 + +@@ -150,12 +162,15 @@ dup 1 { + dup 2 { + 11 //.checkfonttype exec pop + 1 index exch .buildfont11 +- .currentresourcefile dup type /filetype eq { //.filename {1 index exch /ResourcePath exch put} if }{ pop} ifelse ++ .currentresourcefile dup type /filetype eq { //.filename {1 index gcheck //.gcompatstringcopy exec 1 index exch /ResourcePath exch put} if }{ pop} ifelse + exch pop + } put % Don't bind it here because gs_fapi.ps redefines .buildfont11 + ++currentdict /.gcompatstringcopy .undef ++ + pop % .cidfonttypes + ++ + % ---------------- Reading CIDFontType 0 files ---------------- % + + /StartData { % <(Binary)|(Hex)> StartData - +-- +2.37.3 + diff --git a/ghostscript.spec b/ghostscript.spec index ab1e299..7fc12e8 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -42,7 +42,7 @@ Name: ghostscript Summary: Interpreter for PostScript language & PDF Version: 9.54.0 -Release: 7%{?dist} +Release: 8%{?dist} License: AGPLv3+ @@ -106,6 +106,7 @@ Patch002: ghostscript-9.54.0-include-pipe-handle-in-validation.patch Patch003: ghostscript-9.54.0-covscan-fixes.patch #2049767 - CVE-2021-45949 heap-based buffer overflow in sampled_data_finish Patch004: ghostscript-9.54.0-Fix-op-stack-management-in-sampled_data_c.patch +Patch005: ghostscript-9.54.0-Deal-with-different-VM-modes-during-CIDFont-loading.patch # Downstream patches -- these should be always included when doing rebase: # ------------------ @@ -439,6 +440,9 @@ done # ============================================================================= %changelog +* Fri Dec 9 2022 Richard Lescak - 9.54.0-8 +- fix loading of CIDFonts (#2138795) + * Thu Feb 24 2022 Richard Lescak - 9.54.0-7 - Fix patch for covscan issues (#2032789)