Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0004.patch')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0004.patch | 136 |
1 files changed, 136 insertions, 0 deletions
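--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0004.patch
@@ -0,0 +1,136 @@
+From d739565534e955c4336731e4ea4eebc895c09c5c Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Tue, 18 Dec 2018 10:42:10 +0000
+Subject: [PATCH 4/7] Harden some uses of .force* operators
+
+by adding a few immediate evalutions
+
+CVE: CVE-2019-6116
+Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
+
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+---
+Resource/Init/gs_dps1.ps | 4 ++--
+Resource/Init/gs_fonts.ps | 20 ++++++++++----------
+Resource/Init/gs_init.ps | 6 +++---
+3 files changed, 15 insertions(+), 15 deletions(-)
+
+diff --git a/Resource/Init/gs_dps1.ps b/Resource/Init/gs_dps1.ps
+index 4fae283..b75ea14 100644
+--- a/Resource/Init/gs_dps1.ps
++++ b/Resource/Init/gs_dps1.ps
+@@ -74,7 +74,7 @@ level2dict begin
+} odef
+% undefinefont has to take local/global VM into account.
+/undefinefont % <fontname> undefinefont -
+- { .FontDirectory 1 .argindex .forceundef % FontDirectory is readonly
++ { //.FontDirectory 1 .argindex .forceundef % FontDirectory is readonly
+.currentglobal
+{ % Current mode is global; delete from local directory too.
+//systemdict /LocalFontDirectory .knownget
+@@ -85,7 +85,7 @@ level2dict begin
+% definition, copy it into the local directory.
+//systemdict /SharedFontDirectory .knownget
+{ 1 index .knownget
+- { .FontDirectory 2 index 3 -1 roll { put } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse } % readonly
++ { //.FontDirectory 2 index 3 -1 roll { put } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse } % readonly
+if
+}
+if
+diff --git a/Resource/Init/gs_fonts.ps b/Resource/Init/gs_fonts.ps
+index 290da0c..c13a2fc 100644
+--- a/Resource/Init/gs_fonts.ps
++++ b/Resource/Init/gs_fonts.ps
+@@ -516,7 +516,7 @@ buildfontdict 3 /.buildfont3 cvx put
+if
+}
+if
+- dup .FontDirectory 4 -2 roll { .growput } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse % readonly
++ dup //.FontDirectory 4 -2 roll { .growput } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse % readonly
+% If the font originated as a resource, register it.
+currentfile .currentresourcefile eq { dup .registerfont } if
+readonly
+@@ -943,7 +943,7 @@ $error /SubstituteFont { } put
+% Try to find a font using only the present contents of Fontmap.
+/.tryfindfont { % <fontname> .tryfindfont <font> true
+% <fontname> .tryfindfont false
+- .FontDirectory 1 index .fontknownget
++ //.FontDirectory 1 index .fontknownget
+{ % Already loaded
+exch pop //true
+}
+@@ -975,7 +975,7 @@ $error /SubstituteFont { } put
+{ % Font with a procedural definition
+exec % The procedure will load the font.
+% Check to make sure this really happened.
+- .FontDirectory 1 index .knownget
++ //.FontDirectory 1 index .knownget
+{ exch pop //true exit }
+if
+}
+@@ -1081,11 +1081,11 @@ $error /SubstituteFont { } put
+% because it's different depending on language level.
+.currentglobal exch /.setglobal .systemvar exec
+% Remove the fake definition, if any.
+- .FontDirectory 3 index .forceundef % readonly
+- 1 index (r) file .loadfont .FontDirectory exch
++ //.FontDirectory 3 index .forceundef % readonly
++ 1 index (r) file .loadfont //.FontDirectory exch
+/.setglobal .systemvar exec
+} executeonly
+- { .loadfont .FontDirectory
++ { .loadfont //.FontDirectory
+}
+ifelse
+% Stack: fontname fontfilename fontdirectory
+@@ -1119,8 +1119,8 @@ $error /SubstituteFont { } put
+% Stack: origfontname fontdirectory filefontname fontdict
+3 -1 roll pop
+% Stack: origfontname filefontname fontdict
+- dup /FontName get dup FontDirectory exch .forceundef
+- GlobalFontDirectory exch .forceundef
++ dup /FontName get dup //.FontDirectory exch .forceundef
++ /GlobalFontDirectory .systemvar exch .forceundef
+dup length dict .copydict dup 3 index /FontName exch put
+2 index exch definefont
+exch
+@@ -1176,10 +1176,10 @@ currentdict /.putgstringcopy .undef
+{
+{
+pop dup type /stringtype eq { cvn } if
+- .FontDirectory 1 index known not {
++ //.FontDirectory 1 index known not {
+2 dict dup /FontName 3 index put
+dup /FontType 1 put
+- .FontDirectory 3 1 roll { put } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse % readonly
++ //.FontDirectory 3 1 roll { put } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse % readonly
+} {
+pop
+} ifelse
+diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
+index 56c0bd2..d9a0829 100644
+--- a/Resource/Init/gs_init.ps
++++ b/Resource/Init/gs_init.ps
+@@ -1168,8 +1168,8 @@ errordict /unknownerror .undef
+}ifelse
+}forall
+noaccess pop
+- systemdict /.setsafeerrors .forceundef
+- systemdict /.SAFERERRORLIST .forceundef
++ //systemdict /.setsafeerrors .forceundef
++ //systemdict /.SAFERERRORLIST .forceundef
+} bind executeonly odef
+
+SAFERERRORS {.setsafererrors} if
+@@ -2114,7 +2114,7 @@ currentdict /tempfilepaths undef
+
+/.locksafe {
+.locksafe_userparams
+- systemdict /getenv {pop //false} .forceput
++ //systemdict /getenv {pop //false} .forceput
+% setpagedevice has the side effect of clearing the page, but
+% we will just document that. Using setpagedevice keeps the device
+% properties and pagedevice .LockSafetyParams in agreement even
+--
+2.18.1
+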
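Review bot: In the gs_init.ps hunk at -1168 the `.forceundef` still targets `/.setsafeerrors`, while the call a few lines below is `SAFERERRORS {.setsafererrors} if`, so the name being removed appears to be misspelled and the operator may remain defined in systemdict after it has run. The `odef` name for this procedure lies outside the hunk, so confirm the spelling against the definition; if it is `.setsafererrors`, the line should read `//systemdict /.setsafererrors .forceundef`, and since this is a backport the correction belongs upstream or in a separate follow-up patch rather than as a silent local edit. Separately, the changed lines in gs_dps1.ps and gs_fonts.ps gain `//.FontDirectory` but still resolve `systemdict` by name in `systemdict /superexec known`, unlike the `//systemdict` form adopted in gs_init.ps; check whether a later patch in this 4/7 series covers that.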