diff -up ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/bcwin32.mak --- ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 +++ ghostscript-8.71/base/bcwin32.mak 2010-08-25 16:00:06.732142141 +0100 @@ -78,13 +78,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. !ifndef SEARCH_HERE_FIRST -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 !endif # Define the name of the interpreter initialization file. diff -up ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macos-mcp.mak --- ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 +++ ghostscript-8.71/base/macos-mcp.mak 2010-08-25 16:00:06.735142115 +0100 @@ -53,12 +53,9 @@ GS_DOCDIR=:doc # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macosx.mak --- ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST 2008-10-02 20:33:22.000000000 +0100 +++ ghostscript-8.71/base/macosx.mak 2010-08-25 16:00:06.745019041 +0100 @@ -78,12 +78,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST ghostscript-8.71/base/Makefile.in --- ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST 2009-12-18 07:04:10.000000000 +0000 +++ ghostscript-8.71/base/Makefile.in 2010-08-25 16:00:06.767101477 +0100 @@ -96,12 +96,9 @@ GS_CACHE_DIR="~/.ghostscript/cache/" # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/msvclib.mak --- ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST 2010-01-07 10:53:36.000000000 +0000 +++ ghostscript-8.71/base/msvclib.mak 2010-08-25 16:00:06.790017275 +0100 @@ -49,13 +49,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. !ifndef SEARCH_HERE_FIRST -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 !endif # Define the name of the interpreter initialization file. diff -up ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mak --- ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 +++ ghostscript-8.71/base/openvms.mak 2010-08-25 16:00:06.819017200 +0100 @@ -68,12 +68,9 @@ GS_LIB_DEFAULT=GS_ROOT:[RESOURCE.INIT],G # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mmk --- ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000 +++ ghostscript-8.71/base/openvms.mmk 2010-08-25 16:00:06.834017369 +0100 @@ -73,12 +73,9 @@ GS_LIB_DEFAULT=GS_LIB # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/ugcclib.mak --- ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST 2008-11-05 20:41:22.000000000 +0000 +++ ghostscript-8.71/base/ugcclib.mak 2010-08-25 16:00:06.842017457 +0100 @@ -30,7 +30,7 @@ gsdir = /usr/local/share/ghostscript gsdatadir = $(gsdir)/$(GS_DOT_VERSION) GS_DOCDIR=$(gsdatadir)/doc GS_LIB_DEFAULT=$(gsdatadir)/Resource/Init:$(gsdatadir)/lib:$(gsdatadir)/Resource/Font -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 GS_INIT=gs_init.ps #GENOPT=-DDEBUG diff -up ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unixansi.mak --- ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 +++ ghostscript-8.71/base/unixansi.mak 2010-08-25 16:00:06.858017358 +0100 @@ -73,12 +73,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unix-gcc.mak --- ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST 2009-11-11 15:50:28.000000000 +0000 +++ ghostscript-8.71/base/unix-gcc.mak 2010-08-25 16:00:06.888017760 +0100 @@ -77,12 +77,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watclib.mak --- ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000 +++ ghostscript-8.71/base/watclib.mak 2010-08-25 16:00:06.896017307 +0100 @@ -20,7 +20,7 @@ AROOTDIR=c:/gs GSROOTDIR=$(AROOTDIR)/gs$(GS_DOT_VERSION) GS_DOCDIR=$(GSROOTDIR)/doc GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Init\;$(GSROOTDIR)/lib\;$(GSROOTDIR)/Resource/Font\;$(AROOTDIR)/fonts -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 GS_INIT=gs_init.ps !ifndef DEBUG diff -up ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watcw32.mak --- ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 +++ ghostscript-8.71/base/watcw32.mak 2010-08-25 16:00:06.914017272 +0100 @@ -54,11 +54,8 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security # and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST ghostscript-8.71/doc/Use.htm --- ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000 +++ ghostscript-8.71/doc/Use.htm 2010-08-25 16:00:06.949017319 +0100 @@ -823,8 +823,8 @@ file name specifies an absolute path. using the name given. Otherwise it tries directories in this order:
    -
  1. The current directory (unless disabled by the --P- switch); +
  2. The current directory if enabled by the +-P switch;
  3. The directories specified by -I switches in the command line, if any; @@ -847,13 +847,10 @@ into the executable ; directory or a list of directories separated by a character appropriate for the operating system (":" on Unix systems, "," on VMS systems, and -";" on MS Windows systems). We think that trying -the current directory first is a very bad idea -- it opens serious security -loopholes and can lead to very confusing errors if one has more than one -version of Ghostscript in one's environment -- but when we attempted to -change it, users insisted that we change it back. You can disable looking -in the current directory first by using the --P- switch. +";" on MS Windows systems). +By default, Ghostscript no longer searches the current directory first +but provides -P switch for a degree +of backward compatibility.

    Note that Ghostscript does not use this file searching algorithm for the @@ -2061,14 +2058,14 @@ for library files.

    -P
    Makes Ghostscript look first in the current directory for library -files. This is currently the default. +files.
    -P-
    Makes Ghostscript not look first in the current directory for library files (unless, of course, the first explicitly -supplied directory is "."). +supplied directory is "."). This is now the default.

    Setting parameters

    diff -up ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST ghostscript-8.71/man/gs.1 --- ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000 +++ ghostscript-8.71/man/gs.1 2010-08-25 16:00:06.952017346 +0100 @@ -208,6 +208,12 @@ whereas \fB\-sname=35\fR is equivalent t .br /name (35) def .TP +.B \-P +Makes Ghostscript to look first in the current directory for library files. +By default, Ghostscript no longer looks in the current directory, +unless, of course, the first explicitly supplied directory is "." in \fB-I\fR. +See also the \fBINITIALIZATION FILES\fR section below, and bundled +\fBUse.htm\fR for detailed discussion on search paths and how Ghostcript finds files. .B \-q Quiet startup: suppress normal startup messages, and also do the equivalent of \fB\-dQUIET\fR. diff -up ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/msvc32.mak --- ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST 2010-02-02 18:14:37.000000000 +0000 +++ ghostscript-8.71/psi/msvc32.mak 2010-08-25 16:00:06.954017446 +0100 @@ -100,13 +100,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. !ifndef SEARCH_HERE_FIRST -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 !endif # Define the name of the interpreter initialization file. diff -up ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/os2.mak --- ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 +++ ghostscript-8.71/psi/os2.mak 2010-08-25 16:00:06.956017546 +0100 @@ -54,12 +54,9 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini # Define whether or not searching for initialization files should always # look in the current directory first. This leads to well-known security -# and confusion problems, but users insist on it. -# NOTE: this also affects searching for files named on the command line: -# see the "File searching" section of Use.htm for full details. -# Because of this, setting SEARCH_HERE_FIRST to 0 is not recommended. +# and confusion problems, but may be convenient sometimes. -SEARCH_HERE_FIRST=1 +SEARCH_HERE_FIRST=0 # Define the name of the interpreter initialization file. # (There is no reason to change this.) diff -up ghostscript-8.71/psi/zfile.c.SEARCH_HERE_FIRST ghostscript-8.71/psi/zfile.c --- ghostscript-8.71/psi/zfile.c.SEARCH_HERE_FIRST 2009-10-04 13:42:07.000000000 +0100 +++ ghostscript-8.71/psi/zfile.c 2010-08-25 16:02:45.521018186 +0100 @@ -903,6 +903,91 @@ check_file_permissions_aux(i_ctx_t *i_ct } +/* return zero for success, -ve for error, +1 for continue */ +static int +lib_file_open_search_with_no_combine(gs_file_path_ptr lib_path, const gs_memory_t *mem, i_ctx_t *i_ctx_p, + const char *fname, uint flen, char *buffer, int blen, uint *pclen, ref *pfile, + gx_io_device *iodev, bool starting_arg_file, char *fmode) +{ + stream *s; + uint blen1 = blen; + if (gp_file_name_reduce(fname, flen, buffer, &blen1) != gp_combine_success) + goto skip; + if (iodev_os_open_file(iodev, (const char *)buffer, blen1, + (const char *)fmode, &s, (gs_memory_t *)mem) == 0) { + if (starting_arg_file || + check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) { + *pclen = blen1; + make_stream_file(pfile, s, "r"); + return 0; + } + sclose(s); + return_error(e_invalidfileaccess); + } + skip:; + return 1; +} + +/* return zero for success, -ve for error, +1 for continue */ +static int +lib_file_open_search_with_combine(gs_file_path_ptr lib_path, const gs_memory_t *mem, i_ctx_t *i_ctx_p, + const char *fname, uint flen, char *buffer, int blen, uint *pclen, ref *pfile, + gx_io_device *iodev, bool starting_arg_file, char *fmode) +{ + stream *s; + const gs_file_path *pfpath = lib_path; + uint pi; + + for (pi = 0; pi < r_size(&pfpath->list); ++pi) { + const ref *prdir = pfpath->list.value.refs + pi; + const char *pstr = (const char *)prdir->value.const_bytes; + uint plen = r_size(prdir), blen1 = blen; + gs_parsed_file_name_t pname; + gp_file_name_combine_result r; + + /* We need to concatenate and parse the file name here + * if this path has a %device% prefix. */ + if (pstr[0] == '%') { + int code; + + /* We concatenate directly since gp_file_name_combine_* + * rules are not correct for other devices such as %rom% */ + code = gs_parse_file_name(&pname, pstr, plen); + if (code < 0) + continue; + memcpy(buffer, pname.fname, pname.len); + memcpy(buffer+pname.len, fname, flen); + code = pname.iodev->procs.open_file(pname.iodev, buffer, pname.len + flen, fmode, + &s, (gs_memory_t *)mem); + if (code < 0) + continue; + make_stream_file(pfile, s, "r"); + /* fill in the buffer with the device concatenated */ + memcpy(buffer, pstr, plen); + memcpy(buffer+plen, fname, flen); + *pclen = plen + flen; + return 0; + } else { + r = gp_file_name_combine(pstr, plen, + fname, flen, false, buffer, &blen1); + if (r != gp_combine_success) + continue; + if (iodev_os_open_file(iodev, (const char *)buffer, blen1, (const char *)fmode, + &s, (gs_memory_t *)mem) == 0) { + if (starting_arg_file || + check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) { + *pclen = blen1; + make_stream_file(pfile, s, "r"); + return 0; + } + sclose(s); + return_error(e_invalidfileaccess); + } + } + } + return 1; +} + /* Return a file object of of the file searched for using the search paths. */ /* The fname cannot contain a device part (%...%) but the lib paths might. */ /* The startup code calls this to open the initialization file gs_init.ps. */ @@ -917,8 +1002,9 @@ lib_file_open(gs_file_path_ptr lib_path bool search_with_no_combine = false; bool search_with_combine = false; char fmode[4] = { 'r', 0, 0, 0 }; /* room for binary suffix */ - stream *s; gx_io_device *iodev = iodev_default; + gs_main_instance *minst = get_minst_from_memory(mem); + int code; /* when starting arg files (@ files) iodev_default is not yet set */ if (iodev == 0) @@ -932,75 +1018,36 @@ lib_file_open(gs_file_path_ptr lib_path search_with_no_combine = starting_arg_file; search_with_combine = true; } - if (search_with_no_combine) { - uint blen1 = blen; - - if (gp_file_name_reduce(fname, flen, buffer, &blen1) != gp_combine_success) - goto skip; - if (iodev_os_open_file(iodev, (const char *)buffer, blen1, - (const char *)fmode, &s, (gs_memory_t *)mem) == 0) { - if (starting_arg_file || - check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) { - *pclen = blen1; - make_stream_file(pfile, s, "r"); - return 0; - } - sclose(s); - return_error(e_invalidfileaccess); - } - skip:; - } - if (search_with_combine) { - const gs_file_path *pfpath = lib_path; - uint pi; - - for (pi = 0; pi < r_size(&pfpath->list); ++pi) { - const ref *prdir = pfpath->list.value.refs + pi; - const char *pstr = (const char *)prdir->value.const_bytes; - uint plen = r_size(prdir), blen1 = blen; - gs_parsed_file_name_t pname; - gp_file_name_combine_result r; - - /* We need to concatenate and parse the file name here - * if this path has a %device% prefix. */ - if (pstr[0] == '%') { - int code; - - /* We concatenate directly since gp_file_name_combine_* - * rules are not correct for other devices such as %rom% */ - code = gs_parse_file_name(&pname, pstr, plen); - if (code < 0) - continue; - memcpy(buffer, pname.fname, pname.len); - memcpy(buffer+pname.len, fname, flen); - code = pname.iodev->procs.open_file(pname.iodev, buffer, pname.len + flen, fmode, - &s, (gs_memory_t *)mem); - if (code < 0) - continue; - make_stream_file(pfile, s, "r"); - /* fill in the buffer with the device concatenated */ - memcpy(buffer, pstr, plen); - memcpy(buffer+plen, fname, flen); - *pclen = plen + flen; - return 0; - } else { - r = gp_file_name_combine(pstr, plen, - fname, flen, false, buffer, &blen1); - if (r != gp_combine_success) - continue; - if (iodev_os_open_file(iodev, (const char *)buffer, blen1, (const char *)fmode, - &s, (gs_memory_t *)mem) == 0) { - if (starting_arg_file || - check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) { - *pclen = blen1; - make_stream_file(pfile, s, "r"); - return 0; - } - sclose(s); - return_error(e_invalidfileaccess); - } - } - } + if (minst->search_here_first) { + if (search_with_no_combine) { + code = lib_file_open_search_with_no_combine(lib_path, mem, i_ctx_p, + fname, flen, buffer, blen, pclen, pfile, + iodev, starting_arg_file, fmode); + if (code <= 0) /* +ve means continue continue */ + return code; + } + if (search_with_combine) { + code = lib_file_open_search_with_combine(lib_path, mem, i_ctx_p, + fname, flen, buffer, blen, pclen, pfile, + iodev, starting_arg_file, fmode); + if (code <= 0) /* +ve means continue searching */ + return code; + } + } else { + if (search_with_combine) { + code = lib_file_open_search_with_combine(lib_path, mem, i_ctx_p, + fname, flen, buffer, blen, pclen, pfile, + iodev, starting_arg_file, fmode); + if (code <= 0) /* +ve means continue searching */ + return code; + } + if (search_with_no_combine) { + code = lib_file_open_search_with_no_combine(lib_path, mem, i_ctx_p, + fname, flen, buffer, blen, pclen, pfile, + iodev, starting_arg_file, fmode); + if (code <= 0) /* +ve means continue searching */ + return code; + } } return_error(e_undefinedfilename); } diff -up ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST ghostscript-8.71/toolbin/msvcxml.bat --- ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST 2009-01-26 17:16:47.000000000 +0000 +++ ghostscript-8.71/toolbin/msvcxml.bat 2010-08-25 16:00:06.959017477 +0100 @@ -1428,7 +1428,7 @@ echo ^ echo ^ echo ^ -echo ^ +echo ^ echo ^ goto end