diff options
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0005.patch')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0005.patch | 250 |
1 files changed, 0 insertions, 250 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0005.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0005.patch deleted file mode 100644 index db70bba215..0000000000 --- a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0005.patch +++ /dev/null | |||
@@ -1,250 +0,0 @@ | |||
1 | From 1e830cafa56c6e3e1b08d246eaf5496fe81a0032 Mon Sep 17 00:00:00 2001 | ||
2 | From: Nancy Durgin <nancy.durgin@artifex.com> | ||
3 | Date: Tue, 27 Nov 2018 12:36:14 -0800 | ||
4 | Subject: [PATCH 5/7] Undef a bunch of internal things in gs_res.ps | ||
5 | |||
6 | CVE: CVE-2019-6116 | ||
7 | Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git] | ||
8 | |||
9 | Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> | ||
10 | --- | ||
11 | Resource/Init/gs_res.ps | 72 +++++++++++++++++++++++++-------------- | ||
12 | Resource/Init/gs_resmp.ps | 4 +-- | ||
13 | 2 files changed, 49 insertions(+), 27 deletions(-) | ||
14 | |||
15 | diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps | ||
16 | index d9b3459..18d5452 100644 | ||
17 | --- a/Resource/Init/gs_res.ps | ||
18 | +++ b/Resource/Init/gs_res.ps | ||
19 | @@ -197,7 +197,7 @@ setglobal | ||
20 | /.findresource { % <key> <category> findresource <instance> | ||
21 | 2 copy dup /Category eq | ||
22 | { pop //Category 0 get begin } { .findcategory } ifelse | ||
23 | - /FindResource .resourceexec exch pop exch pop | ||
24 | + /FindResource //.resourceexec exec exch pop exch pop | ||
25 | } bind | ||
26 | end % .Instances of Category | ||
27 | def | ||
28 | @@ -223,7 +223,7 @@ def | ||
29 | not { /defineresource cvx /typecheck signaloperror } if | ||
30 | } if | ||
31 | } if | ||
32 | - /DefineResource .resourceexec | ||
33 | + /DefineResource //.resourceexec exec | ||
34 | 4 1 roll pop pop pop | ||
35 | } .errorexec | ||
36 | } bind executeonly odef | ||
37 | @@ -252,7 +252,7 @@ def | ||
38 | % without the check. | ||
39 | /resourcestatus cvx /typecheck signalerror | ||
40 | } if | ||
41 | - 2 copy .findcategory /ResourceStatus .resourceexec | ||
42 | + 2 copy .findcategory /ResourceStatus //.resourceexec exec | ||
43 | { 4 2 roll pop pop //true } { pop pop //false } ifelse | ||
44 | } stopped { | ||
45 | % Although resourcestatus is an operator, Adobe uses executable name | ||
46 | @@ -266,7 +266,7 @@ def | ||
47 | } if | ||
48 | 1 .argindex 1 index % catch stackunderflow | ||
49 | |||
50 | - { .findcategory /UndefineResource .resourceexec pop pop | ||
51 | + { .findcategory /UndefineResource //.resourceexec exec pop pop | ||
52 | } stopped { | ||
53 | % Although undefineresource is an operator, Adobe uses executable name | ||
54 | % here but uses operator for the errors above. CET 23-33 | ||
55 | @@ -315,10 +315,10 @@ currentdict /pssystemparams known not { | ||
56 | /pssystemparams 10 dict readonly def | ||
57 | } if | ||
58 | pssystemparams begin | ||
59 | - .default_resource_dir | ||
60 | - /FontResourceDir (Font) .resource_dir_name | ||
61 | + //.default_resource_dir exec | ||
62 | + /FontResourceDir (Font) //.resource_dir_name exec | ||
63 | readonly .forcedef % pssys'params is r-o | ||
64 | - /GenericResourceDir () .resource_dir_name | ||
65 | + /GenericResourceDir () //.resource_dir_name exec | ||
66 | readonly .forcedef % pssys'params is r-o | ||
67 | pop % .default_resource_dir | ||
68 | /GenericResourcePathSep | ||
69 | @@ -387,13 +387,13 @@ status { | ||
70 | } bind def | ||
71 | /.localresourceforall { % <key> <value> <args> .localr'forall - | ||
72 | exch pop | ||
73 | - 2 copy 0 get .stringmatch { .enumerateresource } { pop pop } ifelse | ||
74 | + 2 copy 0 get .stringmatch { //.enumerateresource exec } { pop pop } ifelse | ||
75 | } bind def | ||
76 | /.globalresourceforall { % <key> <value> <args> .globalr'forall - | ||
77 | exch pop | ||
78 | 2 copy 0 get .stringmatch { | ||
79 | dup 3 get begin .LocalInstances end 2 index known not { | ||
80 | - .enumerateresource | ||
81 | + //.enumerateresource exec | ||
82 | } { | ||
83 | pop pop | ||
84 | } ifelse | ||
85 | @@ -408,7 +408,7 @@ status { | ||
86 | 3 index known { | ||
87 | pop pop pop | ||
88 | } { | ||
89 | - 2 index known { pop pop } { .enumerateresource } ifelse | ||
90 | + 2 index known { pop pop } { //.enumerateresource exec } ifelse | ||
91 | } ifelse | ||
92 | } bind def | ||
93 | |||
94 | @@ -468,19 +468,19 @@ status { | ||
95 | % .knownget doesn't fail on null | ||
96 | /findresource cvx /typecheck signaloperror | ||
97 | } if | ||
98 | - dup .getvminstance { | ||
99 | + dup //.getvminstance exec { | ||
100 | exch pop 0 get | ||
101 | } { | ||
102 | dup ResourceStatus { | ||
103 | pop 1 gt { | ||
104 | - .DoLoadResource .getvminstance not { | ||
105 | - /findresource cvx .undefinedresource | ||
106 | + .DoLoadResource //.getvminstance exec not { | ||
107 | + /findresource cvx //.undefinedresource exec | ||
108 | } if 0 get | ||
109 | } { | ||
110 | .GetInstance pop 0 get | ||
111 | } ifelse | ||
112 | } { | ||
113 | - /findresource cvx .undefinedresource | ||
114 | + /findresource cvx //.undefinedresource exec | ||
115 | } ifelse | ||
116 | } ifelse | ||
117 | } bind executeonly | ||
118 | @@ -621,7 +621,7 @@ status { | ||
119 | .currentglobal not .setglobal | ||
120 | vmstatus pop exch pop add | ||
121 | } repeat | ||
122 | -} bind def | ||
123 | +} bind executeonly odef | ||
124 | /.DoLoadResource { | ||
125 | % .LoadResource may push entries on the operand stack. | ||
126 | % It is an undocumented feature of Adobe implementations, | ||
127 | @@ -633,8 +633,8 @@ status { | ||
128 | {.LoadResource} 4 1 roll 4 .execn | ||
129 | % Stack: ... count key memused | ||
130 | .vmused exch sub | ||
131 | - 1 index .getvminstance not { | ||
132 | - pop dup .undefinedresource % didn't load | ||
133 | + 1 index //.getvminstance exec not { | ||
134 | + pop dup //.undefinedresource exec % didn't load | ||
135 | } if | ||
136 | dup 1 1 put | ||
137 | 2 3 -1 roll put | ||
138 | @@ -648,7 +648,7 @@ status { | ||
139 | { //true setglobal { .runresource } stopped //false setglobal { stop } if } | ||
140 | ifelse | ||
141 | } | ||
142 | - { dup .undefinedresource | ||
143 | + { dup //.undefinedresource exec | ||
144 | } | ||
145 | ifelse | ||
146 | } bind | ||
147 | @@ -758,7 +758,7 @@ counttomark 2 idiv | ||
148 | /FindResource | ||
149 | { .Instances 1 index .knownget | ||
150 | { exch pop } | ||
151 | - { /findresource cvx .undefinedresource } | ||
152 | + { /findresource cvx //.undefinedresource exec } | ||
153 | ifelse | ||
154 | } bind executeonly | ||
155 | /ResourceStatus | ||
156 | @@ -862,7 +862,7 @@ userdict /.localcsdefaults //false put | ||
157 | 2 copy /Generic /Category findresource /DefineResource get exec | ||
158 | exch pop | ||
159 | exch //.defaultcsnames exch .knownget { | ||
160 | - 1 index .definedefaultcs | ||
161 | + 1 index //.definedefaultcs exec | ||
162 | currentglobal not { .userdict /.localcsdefaults //true put } if | ||
163 | } if | ||
164 | } bind executeonly | ||
165 | @@ -872,13 +872,13 @@ userdict /.localcsdefaults //false put | ||
166 | //.defaultcsnames 1 index .knownget { | ||
167 | % Stack: resname index | ||
168 | currentglobal { | ||
169 | - .undefinedefaultcs pop | ||
170 | + //.undefinedefaultcs exec pop | ||
171 | } { | ||
172 | % We removed the local definition, but there might be a global one. | ||
173 | exch .GetInstance { | ||
174 | - 0 get .definedefaultcs | ||
175 | + 0 get //.definedefaultcs exec | ||
176 | } { | ||
177 | - .undefinedefaultcs | ||
178 | + //.undefinedefaultcs exec | ||
179 | } ifelse | ||
180 | % Recompute .localcsdefaults by scanning. This is rarely needed. | ||
181 | .userdict /.localcsdefaults //false //.defaultcsnames { | ||
182 | @@ -997,7 +997,7 @@ currentdict /.fontstatusaux .undef | ||
183 | /Generic /Category findresource /UndefineResource get exec | ||
184 | } bind executeonly | ||
185 | /FindResource { | ||
186 | - dup .getvminstance { | ||
187 | + dup //.getvminstance exec { | ||
188 | exch pop 0 get | ||
189 | } { | ||
190 | dup ResourceStatus { | ||
191 | @@ -1024,7 +1024,7 @@ currentdict /.fontstatusaux .undef | ||
192 | % stack: name font vmused | ||
193 | % findfont has the prerogative of not calling definefont | ||
194 | % in certain obscure cases of font substitution. | ||
195 | - 2 index .getvminstance { | ||
196 | + 2 index //.getvminstance exec { | ||
197 | dup 1 1 put | ||
198 | 2 3 -1 roll put | ||
199 | } { | ||
200 | @@ -1159,3 +1159,25 @@ end % level2dict | ||
201 | |||
202 | %% Replace 1 (gs_resmp.ps) | ||
203 | (gs_resmp.ps) dup runlibfile VMDEBUG | ||
204 | + | ||
205 | +[ | ||
206 | + /.default_resource_dir | ||
207 | + /.resource_dir_name | ||
208 | +] | ||
209 | +{systemdict exch .forceundef} forall | ||
210 | + | ||
211 | +[ | ||
212 | + /.definedefaultcs | ||
213 | + /.undefinedefaultcs | ||
214 | + /.defaultcsnames | ||
215 | + /.enumerateresource | ||
216 | + /.externalresourceforall | ||
217 | + /.getvminstance | ||
218 | + /.globalresourceforall | ||
219 | + /.localresourceforall | ||
220 | + /resourceforall1 | ||
221 | + /.resourceexec | ||
222 | + /.undefinedresource | ||
223 | + /.vmused | ||
224 | +] | ||
225 | +{level2dict exch .forceundef} forall | ||
226 | diff --git a/Resource/Init/gs_resmp.ps b/Resource/Init/gs_resmp.ps | ||
227 | index 9bb4263..cb948d1 100644 | ||
228 | --- a/Resource/Init/gs_resmp.ps | ||
229 | +++ b/Resource/Init/gs_resmp.ps | ||
230 | @@ -230,7 +230,7 @@ currentpacking //false setpacking | ||
231 | } { | ||
232 | dup dup .map exch .knownget { % /Name /Name <<record>> | ||
233 | dup dup /RecordVirtualMethods get /IsActive get exec { | ||
234 | - 1 index .getvminstance { % /Name /Name <<record>> holder | ||
235 | + 1 index //.getvminstance exec { % /Name /Name <<record>> holder | ||
236 | 1 get 1 eq | ||
237 | } { | ||
238 | //true | ||
239 | @@ -242,7 +242,7 @@ currentpacking //false setpacking | ||
240 | DefineResource exec % size bStatusIs1 /Name Instance | ||
241 | % Make ResourceStatus to return correct values for this instance : | ||
242 | % Hack: we replace status values in the instance holder : | ||
243 | - exch .getvminstance pop % size bStatusIs1 Instance holder | ||
244 | + exch //.getvminstance exec pop % size bStatusIs1 Instance holder | ||
245 | dup 5 -1 roll 2 exch put % bStatusIs1 Instance holder | ||
246 | 3 2 roll { % Instance holder | ||
247 | 1 1 put % Instance | ||
248 | -- | ||
249 | 2.18.1 | ||
250 | |||