summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/ghostscript/ghostscript/CVE-2017-7207.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript/CVE-2017-7207.patch')
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript/CVE-2017-7207.patch39
1 files changed, 0 insertions, 39 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2017-7207.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2017-7207.patch
deleted file mode 100644
index a05dc02c6c..0000000000
--- a/meta/recipes-extended/ghostscript/ghostscript/CVE-2017-7207.patch
+++ /dev/null
@@ -1,39 +0,0 @@
1From 0e88bee1304993668fede72498d656a2dd33a35e Mon Sep 17 00:00:00 2001
2From: Ken Sharp <ken.sharp@artifex.com>
3Date: Mon, 20 Mar 2017 09:34:11 +0000
4Subject: [PATCH] Ensure a device has raster memory, before trying to read it.
5
6Bug #697676 "Null pointer dereference in mem_get_bits_rectangle()"
7
8This is only possible by abusing/mis-using Ghostscript-specific
9language extensions, so cannot happen in a general PostScript program.
10
11Nevertheless, Ghostscript should not crash. So this commit checks the
12memory device to see if raster memory has been allocated, before trying
13to read from it.
14
15Upstream-Status: Backport
16CVE: CVE-2017-7207
17
18Author: Ken Sharp <ken.sharp@artifex.com>
19Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
20---
21 base/gdevmem.c | 2 ++
22 1 file changed, 2 insertions(+)
23
24diff --git a/base/gdevmem.c b/base/gdevmem.c
25index 41108ba..183f96d 100644
26--- a/base/gdevmem.c
27+++ b/base/gdevmem.c
28@@ -605,6 +605,8 @@ mem_get_bits_rectangle(gx_device * dev, const gs_int_rect * prect,
29 GB_PACKING_CHUNKY | GB_COLORS_NATIVE | GB_ALPHA_NONE;
30 return_error(gs_error_rangecheck);
31 }
32+ if (mdev->line_ptrs == 0x00)
33+ return_error(gs_error_rangecheck);
34 if ((w <= 0) | (h <= 0)) {
35 if ((w | h) < 0)
36 return_error(gs_error_rangecheck);
37--
382.10.2
39