1 files changed, 346 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0007.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0007.patch
new file mode 100644
index 0000000000..5c1f839597
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0007.patch
@@ -0,0 +1,346 @@
+From 5c49efe24dda0f2dbd2a09b9159e683cce99b6d8 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Fri, 11 Jan 2019 13:36:36 +0000
+Subject: [PATCH 7/7] Remove .forcedef, and harden .force* ops more
+Remove .forcedef and replace all uses with a direct call to .forceput instead.
+Ensure every procedure (named and trasient) that calls .forceput is
+executeonly.
+CVE: CVE-2019-6116
+Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+---
+ Resource/Init/gs_dps1.ps  | 15 +++++++-----
+ Resource/Init/gs_init.ps  | 28 ++++++++-------------
+ Resource/Init/gs_lev2.ps  | 51 +++++++++++++++++++--------------------
+ Resource/Init/gs_ll3.ps   |  5 ++--
+ Resource/Init/gs_res.ps   | 29 +++++++++++-----------
+ Resource/Init/gs_statd.ps |  4 +--
+ 6 files changed, 63 insertions(+), 69 deletions(-)
+diff --git a/Resource/Init/gs_dps1.ps b/Resource/Init/gs_dps1.ps
+index 8700c8c..3d2cf7a 100644
+--- a/Resource/Init/gs_dps1.ps
+++ b/Resource/Init/gs_dps1.ps
+@@ -33,14 +33,17 @@ systemdict begin
+ 
+ /SharedFontDirectory .FontDirectory .gcheck
+  { .currentglobal //false .setglobal
+   currentdict
+    /LocalFontDirectory .FontDirectory dup maxlength dict copy
+-   .forcedef   % LocalFontDirectory is local, systemdict is global
+   .forceput   % LocalFontDirectory is local, systemdict is global
+    .setglobal .FontDirectory
+- }
+- { /LocalFontDirectory .FontDirectory
+-   .forcedef   % LocalFontDirectory is local, systemdict is global
+ } executeonly
+ {
+   currentdict
+   /LocalFontDirectory .FontDirectory
+   .forceput   % LocalFontDirectory is local, systemdict is global
+    50 dict
+- }
+ }executeonly
+ ifelse def
+ 
+ end                            % systemdict
+@@ -55,7 +58,7 @@ level2dict begin
+     { //SharedFontDirectory }
+     { /LocalFontDirectory .systemvar } % can't embed ref to local VM
+    ifelse .forceput pop        % LocalFontDirectory is local, systemdict is global
+- } .bind odef
+ } .bind executeonly odef
+ % Don't just copy (load) the definition of .setglobal:
+ % it gets redefined for LL3.
+ /setshared { /.setglobal .systemvar exec } odef
+diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
+index d9a0829..45bebf4 100644
+--- a/Resource/Init/gs_init.ps
+++ b/Resource/Init/gs_init.ps
+@@ -54,7 +54,7 @@ systemdict exch
+    dup /userdict
+    currentdict dup 200 .setmaxlength           % userdict
+    .forceput                   % userdict is local, systemdict is global
+- }
+ } executeonly
+ if begin
+ 
+ % Define dummy local/global operators if needed.
+@@ -299,13 +299,6 @@ QUIET not { printgreeting flush } if
+   1 index exch .makeoperator def
+ } .bind def
+ 
+-% Define a special version of def for storing local objects into global
+-% dictionaries.  Like .forceput, this exists only during initialization.
+-/.forcedef {           % <key> <value> .forcedef -
+-  1 .argindex pop      % check # of args
+-  currentdict 3 1 roll .forceput
+-} .bind odef
+-
+ % Define procedures for accessing variables in systemdict and userdict
+ % regardless of the contents of the dictionary stack.
+ /.systemvar {          % <name> .systemvar <value>
+@@ -347,7 +340,7 @@ DELAYBIND
+        }
+       ifelse
+     } .bind def
+-} if
+} executeonly if
+ 
+ %**************** BACKWARD COMPATIBILITY ****************
+ /hwsizedict mark /HWSize //null .dicttomark readonly def
+@@ -655,7 +648,7 @@ currentdict /.typenames .undef
+       /ifelse .systemvar
+     ] cvx executeonly
+   exch .setglobal
+-} odef
+} executeonly odef
+ systemdict /internaldict dup .makeinternaldict .makeoperator
+ .forceput              % proc is local, systemdict is global
+ 
+@@ -1093,7 +1086,7 @@ def
+ 
+ % Define $error.  This must be in local VM.
+ .currentglobal //false .setglobal
+-/$error 40 dict .forcedef      % $error is local, systemdict is global
+currentdict /$error 40 dict .forceput  % $error is local, systemdict is global
+                 % newerror, errorname, command, errorinfo,
+                 % ostack, estack, dstack, recordstacks,
+                 % binary, globalmode,
+@@ -1112,8 +1105,8 @@ end
+ % Define errordict similarly.  It has one entry per error name,
+ %   plus handleerror.  However, some astonishingly badly written PostScript
+ %   files require it to have at least one empty slot.
+-/errordict ErrorNames length 3 add dict
+-.forcedef              % errordict is local, systemdict is global
+currentdict /errordict ErrorNames length 3 add dict
+.forceput              % errordict is local, systemdict is global
+ .setglobal             % back to global VM
+ %  gserrordict contains all the default error handling methods, but unlike
+ %  errordict it is noaccess after creation (also it is in global VM).
+@@ -1273,8 +1266,9 @@ end
+ (END PROCS) VMDEBUG
+ 
+ % Define the font directory.
+currentdict
+ /FontDirectory //false .setglobal 100 dict //true .setglobal
+-.forcedef              % FontDirectory is local, systemdict is global
+.forceput              % FontDirectory is local, systemdict is global
+ 
+ % Define the encoding dictionary.
+ /EncodingDirectory 16 dict def % enough for Level 2 + PDF standard encodings
+@@ -2333,7 +2327,6 @@ SAFER { .setsafeglobal } if
+   //systemdict /UndefinePostScriptOperators get exec
+   //systemdict /UndefinePDFOperators get exec
+   //systemdict /.forcecopynew .forceundef      % remove temptation
+-  //systemdict /.forcedef .forceundef          % ditto
+   //systemdict /.forceput .forceundef          % ditto
+   //systemdict /.undef .forceundef                 % ditto
+   //systemdict /.forceundef .forceundef                % ditto
+@@ -2368,9 +2361,9 @@ SAFER { .setsafeglobal } if
+         % (and, if implemented, context switching).
+   .currentglobal //false .setglobal
+      mark userparams { } forall .dicttomark readonly
+-     /userparams exch .forcedef                % systemdict is read-only
+     currentdict exch /userparams exch .forceput               % systemdict is read-only
+   .setglobal
+-} if
+} executeonly if
+ /.currentsystemparams where {
+   pop
+         % Remove real system params from pssystemparams.
+@@ -2458,7 +2451,6 @@ end
+ DELAYBIND not {
+   systemdict /.bindnow .undef       % We only need this for DELAYBIND
+   systemdict /.forcecopynew .undef     % remove temptation
+-  systemdict /.forcedef .undef         % ditto
+   systemdict /.forceput .undef         % ditto
+   systemdict /.forceundef .undef       % ditto
+ } if
+diff --git a/Resource/Init/gs_lev2.ps b/Resource/Init/gs_lev2.ps
+index 0f0d573..9c0c3a6 100644
+--- a/Resource/Init/gs_lev2.ps
+++ b/Resource/Init/gs_lev2.ps
+@@ -304,31 +304,30 @@ end
+     psuserparams exch /.checkFilePermitparams load put
+   .setglobal
+ 
+-pssystemparams begin
+-  /CurDisplayList 0 .forcedef
+-  /CurFormCache 0 .forcedef
+-  /CurInputDevice () .forcedef
+-  /CurOutlineCache 0 .forcedef
+-  /CurOutputDevice () .forcedef
+-  /CurPatternCache 0 .forcedef
+-  /CurUPathCache 0 .forcedef
+-  /CurScreenStorage 0 .forcedef
+-  /CurSourceList 0 .forcedef
+-  /DoPrintErrors //false .forcedef
+-  /JobTimeout 0 .forcedef
+-  /LicenseID (LN-001) .forcedef     % bogus
+-  /MaxDisplayList 140000 .forcedef
+-  /MaxFormCache 100000 .forcedef
+-  /MaxImageBuffer 524288 .forcedef
+-  /MaxOutlineCache 65000 .forcedef
+-  /MaxPatternCache 100000 .forcedef
+-  /MaxUPathCache 300000 .forcedef
+-  /MaxScreenStorage 84000 .forcedef
+-  /MaxSourceList 25000 .forcedef
+-  /PrinterName product .forcedef
+-  /RamSize 4194304 .forcedef
+-  /WaitTimeout 40 .forcedef
+-end
+pssystemparams
+dup /CurDisplayList 0 .forceput
+dup /CurFormCache 0 .forceput
+dup /CurInputDevice () .forceput
+dup /CurOutlineCache 0 .forceput
+dup /CurOutputDevice () .forceput
+dup /CurPatternCache 0 .forceput
+dup /CurUPathCache 0 .forceput
+dup /CurScreenStorage 0 .forceput
+dup /CurSourceList 0 .forceput
+dup /DoPrintErrors //false .forceput
+dup /JobTimeout 0 .forceput
+dup /LicenseID (LN-001) .forceput     % bogus
+dup /MaxDisplayList 140000 .forceput
+dup /MaxFormCache 100000 .forceput
+dup /MaxImageBuffer 524288 .forceput
+dup /MaxOutlineCache 65000 .forceput
+dup /MaxPatternCache 100000 .forceput
+dup /MaxUPathCache 300000 .forceput
+dup /MaxScreenStorage 84000 .forceput
+dup /MaxSourceList 25000 .forceput
+dup /PrinterName product .forceput
+dup /RamSize 4194304 .forceput
+    /WaitTimeout 40 .forceput
+ 
+ % Define the procedures for handling comment scanning.  The names
+ % %ProcessComment and %ProcessDSCComment are known to the interpreter.
+@@ -710,7 +709,7 @@ pop         % currentsystemparams
+ /statusdict currentdict def
+ 
+ currentdict end
+-/statusdict exch .forcedef     % statusdict is local, systemdict is global
+currentdict exch /statusdict exch .forceput    % statusdict is local, systemdict is global
+ 
+ % The following compatibility operators are in systemdict.  They are
+ % defined here, rather than in gs_init.ps, because they require the
+diff --git a/Resource/Init/gs_ll3.ps b/Resource/Init/gs_ll3.ps
+index c86721f..881af44 100644
+--- a/Resource/Init/gs_ll3.ps
+++ b/Resource/Init/gs_ll3.ps
+@@ -521,9 +521,8 @@ end
+ % Define additional user and system parameters.
+ /HalftoneMode 0 .definepsuserparam
+ /MaxSuperScreen 1016 .definepsuserparam
+-pssystemparams begin           % read-only, so use .forcedef
+-  /MaxDisplayAndSourceList 160000 .forcedef
+-end
+% read-only, so use .forceput
+pssystemparams  /MaxDisplayAndSourceList 160000 .forceput
+ 
+ % Define the IdiomSet resource category.
+ { /IdiomSet } {
+diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps
+index b016113..89c0ed6 100644
+--- a/Resource/Init/gs_res.ps
+++ b/Resource/Init/gs_res.ps
+@@ -41,10 +41,10 @@ level2dict begin
+ % However, Ed Taft of Adobe says their interpreters don't implement this
+ % either, so we aren't going to worry about it for a while.
+ 
+-currentglobal //false setglobal systemdict begin
+-  /localinstancedict 5 dict
+-  .forcedef    % localinstancedict is local, systemdict is global
+-end //true setglobal
+currentglobal //false setglobal
+  systemdict /localinstancedict 5 dict
+  .forceput    % localinstancedict is local, systemdict is global
+//true setglobal
+ /.emptydict 0 dict readonly def
+ setglobal
+ 
+@@ -149,7 +149,7 @@ setglobal
+           dup [ exch 0 -1 ] exch
+           .Instances 4 2 roll put
+                 % Make the Category dictionary read-only.  We will have to
+-                % use .forceput / .forcedef later to replace the dummy,
+                % use .forceput / .forceput later to replace the dummy,
+                 % empty .Instances dictionary with the real one later.
+           readonly
+         }{
+@@ -304,7 +304,8 @@ systemdict begin
+      dup () ne {
+      .file_name_directory_separator concatstrings
+     } if
+-    2 index exch //false .file_name_combine not {
+    2 index exch //false
+    .file_name_combine not {
+       (Error: .default_resource_dir returned ) print exch print ( that can't combine with ) print =
+       /.default_resource_dir cvx /configurationerror signalerror
+     } if
+@@ -317,14 +318,14 @@ currentdict /pssystemparams known not {
+ pssystemparams begin
+   //.default_resource_dir exec
+   /FontResourceDir (Font) //.resource_dir_name exec
+-     readonly .forcedef        % pssys'params is r-o
+     readonly currentdict 3 1 roll .forceput   % pssys'params is r-o
+   /GenericResourceDir () //.resource_dir_name exec
+-     readonly .forcedef        % pssys'params is r-o
+     readonly currentdict 3 1 roll .forceput   % pssys'params is r-o
+   pop % .default_resource_dir
+   /GenericResourcePathSep
+-        .file_name_separator readonly .forcedef                % pssys'params is r-o
+-  (%diskFontResourceDir) cvn (/Resource/Font/) readonly .forcedef      % pssys'params is r-o
+-  (%diskGenericResourceDir) cvn (/Resource/) readonly .forcedef        % pssys'params is r-o
+        .file_name_separator readonly currentdict 3 1 roll .forceput           % pssys'params is r-o
+  currentdict (%diskFontResourceDir) cvn (/Resource/Font/) readonly .forceput  % pssys'params is r-o
+  currentdict (%diskGenericResourceDir) cvn (/Resource/) readonly .forceput    % pssys'params is r-o
+ end
+ end
+ 
+@@ -422,8 +423,8 @@ status {
+                 .Instances dup //.emptydict eq {
+                   pop 3 dict
+                         % As noted above, Category dictionaries are read-only,
+-                        % so we have to use .forcedef here.
+-                  /.Instances 1 index .forcedef        % Category dict is read-only
+                        % so we have to use .forceput here.
+                  currentdict /.Instances 2 index .forceput    % Category dict is read-only
+                 } executeonly if
+               }
+               { .LocalInstances dup //.emptydict eq
+@@ -441,7 +442,7 @@ status {
+            { /defineresource cvx /typecheck signaloperror
+            }
+         ifelse
+-} .bind executeonly .makeoperator              % executeonly to prevent access to .forcedef
+} .bind executeonly .makeoperator              % executeonly to prevent access to .forceput
+ /UndefineResource
+         {  { dup 2 index .knownget
+               { dup 1 get 1 ge
+diff --git a/Resource/Init/gs_statd.ps b/Resource/Init/gs_statd.ps
+index 20d4c96..b6a7659 100644
+--- a/Resource/Init/gs_statd.ps
+++ b/Resource/Init/gs_statd.ps
+@@ -21,10 +21,10 @@ systemdict begin
+         % We make statusdict a little larger for Level 2 stuff.
+         % Note that it must be allocated in local VM.
+  .currentglobal //false .setglobal
+- /statusdict 91 dict .forcedef         % statusdict is local, sys'dict global
+ currentdict /statusdict 91 dict .forceput             % statusdict is local, sys'dict global
+         % To support the Level 2 job control features,
+         % serverdict must also be in local VM.
+- /serverdict 10 dict .forcedef         % serverdict is local, sys'dict global
+ currentdict /serverdict 10 dict .forceput             % serverdict is local, sys'dict global
+  .setglobal
+ end
+ 
+-- 
+2.18.1

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0007.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0007.patch new file mode 100644 index 0000000000..5c1f839597 --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0007.patch
@@ -0,0 +1,346 @@
	1	From 5c49efe24dda0f2dbd2a09b9159e683cce99b6d8 Mon Sep 17 00:00:00 2001
	2	From: Chris Liddell <chris.liddell@artifex.com>
	3	Date: Fri, 11 Jan 2019 13:36:36 +0000
	4	Subject: [PATCH 7/7] Remove .forcedef, and harden .force* ops more
	5
	6	Remove .forcedef and replace all uses with a direct call to .forceput instead.
	7
	8	Ensure every procedure (named and trasient) that calls .forceput is
	9	executeonly.
	10
	11	CVE: CVE-2019-6116
	12	Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
	13
	14	Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
	15	---
	16	Resource/Init/gs_dps1.ps \| 15 +++++++-----
	17	Resource/Init/gs_init.ps \| 28 ++++++++-------------
	18	Resource/Init/gs_lev2.ps \| 51 +++++++++++++++++++--------------------
	19	Resource/Init/gs_ll3.ps \| 5 ++--
	20	Resource/Init/gs_res.ps \| 29 +++++++++++-----------
	21	Resource/Init/gs_statd.ps \| 4 +--
	22	6 files changed, 63 insertions(+), 69 deletions(-)
	23
	24	diff --git a/Resource/Init/gs_dps1.ps b/Resource/Init/gs_dps1.ps
	25	index 8700c8c..3d2cf7a 100644
	26	--- a/Resource/Init/gs_dps1.ps
	27	+++ b/Resource/Init/gs_dps1.ps
	28	@@ -33,14 +33,17 @@ systemdict begin
	29
	30	/SharedFontDirectory .FontDirectory .gcheck
	31	{ .currentglobal //false .setglobal
	32	+ currentdict
	33	/LocalFontDirectory .FontDirectory dup maxlength dict copy
	34	- .forcedef % LocalFontDirectory is local, systemdict is global
	35	+ .forceput % LocalFontDirectory is local, systemdict is global
	36	.setglobal .FontDirectory
	37	- }
	38	- { /LocalFontDirectory .FontDirectory
	39	- .forcedef % LocalFontDirectory is local, systemdict is global
	40	+ } executeonly
	41	+ {
	42	+ currentdict
	43	+ /LocalFontDirectory .FontDirectory
	44	+ .forceput % LocalFontDirectory is local, systemdict is global
	45	50 dict
	46	- }
	47	+ }executeonly
	48	ifelse def
	49
	50	end % systemdict
	51	@@ -55,7 +58,7 @@ level2dict begin
	52	{ //SharedFontDirectory }
	53	{ /LocalFontDirectory .systemvar } % can't embed ref to local VM
	54	ifelse .forceput pop % LocalFontDirectory is local, systemdict is global
	55	- } .bind odef
	56	+ } .bind executeonly odef
	57	% Don't just copy (load) the definition of .setglobal:
	58	% it gets redefined for LL3.
	59	/setshared { /.setglobal .systemvar exec } odef
	60	diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
	61	index d9a0829..45bebf4 100644
	62	--- a/Resource/Init/gs_init.ps
	63	+++ b/Resource/Init/gs_init.ps
	64	@@ -54,7 +54,7 @@ systemdict exch
	65	dup /userdict
	66	currentdict dup 200 .setmaxlength % userdict
	67	.forceput % userdict is local, systemdict is global
	68	- }
	69	+ } executeonly
	70	if begin
	71
	72	% Define dummy local/global operators if needed.
	73	@@ -299,13 +299,6 @@ QUIET not { printgreeting flush } if
	74	1 index exch .makeoperator def
	75	} .bind def
	76
	77	-% Define a special version of def for storing local objects into global
	78	-% dictionaries. Like .forceput, this exists only during initialization.
	79	-/.forcedef { % <key> <value> .forcedef -
	80	- 1 .argindex pop % check # of args
	81	- currentdict 3 1 roll .forceput
	82	-} .bind odef
	83	-
	84	% Define procedures for accessing variables in systemdict and userdict
	85	% regardless of the contents of the dictionary stack.
	86	/.systemvar { % <name> .systemvar <value>
	87	@@ -347,7 +340,7 @@ DELAYBIND
	88	}
	89	ifelse
	90	} .bind def
	91	-} if
	92	+} executeonly if
	93
	94	%************** BACKWARD COMPATIBILITY **************
	95	/hwsizedict mark /HWSize //null .dicttomark readonly def
	96	@@ -655,7 +648,7 @@ currentdict /.typenames .undef
	97	/ifelse .systemvar
	98	] cvx executeonly
	99	exch .setglobal
	100	-} odef
	101	+} executeonly odef
	102	systemdict /internaldict dup .makeinternaldict .makeoperator
	103	.forceput % proc is local, systemdict is global
	104
	105	@@ -1093,7 +1086,7 @@ def
	106
	107	% Define $error. This must be in local VM.
	108	.currentglobal //false .setglobal
	109	-/$error 40 dict .forcedef % $error is local, systemdict is global
	110	+currentdict /$error 40 dict .forceput % $error is local, systemdict is global
	111	% newerror, errorname, command, errorinfo,
	112	% ostack, estack, dstack, recordstacks,
	113	% binary, globalmode,
	114	@@ -1112,8 +1105,8 @@ end
	115	% Define errordict similarly. It has one entry per error name,
	116	% plus handleerror. However, some astonishingly badly written PostScript
	117	% files require it to have at least one empty slot.
	118	-/errordict ErrorNames length 3 add dict
	119	-.forcedef % errordict is local, systemdict is global
	120	+currentdict /errordict ErrorNames length 3 add dict
	121	+.forceput % errordict is local, systemdict is global
	122	.setglobal % back to global VM
	123	% gserrordict contains all the default error handling methods, but unlike
	124	% errordict it is noaccess after creation (also it is in global VM).
	125	@@ -1273,8 +1266,9 @@ end
	126	(END PROCS) VMDEBUG
	127
	128	% Define the font directory.
	129	+currentdict
	130	/FontDirectory //false .setglobal 100 dict //true .setglobal
	131	-.forcedef % FontDirectory is local, systemdict is global
	132	+.forceput % FontDirectory is local, systemdict is global
	133
	134	% Define the encoding dictionary.
	135	/EncodingDirectory 16 dict def % enough for Level 2 + PDF standard encodings
	136	@@ -2333,7 +2327,6 @@ SAFER { .setsafeglobal } if
	137	//systemdict /UndefinePostScriptOperators get exec
	138	//systemdict /UndefinePDFOperators get exec
	139	//systemdict /.forcecopynew .forceundef % remove temptation
	140	- //systemdict /.forcedef .forceundef % ditto
	141	//systemdict /.forceput .forceundef % ditto
	142	//systemdict /.undef .forceundef % ditto
	143	//systemdict /.forceundef .forceundef % ditto
	144	@@ -2368,9 +2361,9 @@ SAFER { .setsafeglobal } if
	145	% (and, if implemented, context switching).
	146	.currentglobal //false .setglobal
	147	mark userparams { } forall .dicttomark readonly
	148	- /userparams exch .forcedef % systemdict is read-only
	149	+ currentdict exch /userparams exch .forceput % systemdict is read-only
	150	.setglobal
	151	-} if
	152	+} executeonly if
	153	/.currentsystemparams where {
	154	pop
	155	% Remove real system params from pssystemparams.
	156	@@ -2458,7 +2451,6 @@ end
	157	DELAYBIND not {
	158	systemdict /.bindnow .undef % We only need this for DELAYBIND
	159	systemdict /.forcecopynew .undef % remove temptation
	160	- systemdict /.forcedef .undef % ditto
	161	systemdict /.forceput .undef % ditto
	162	systemdict /.forceundef .undef % ditto
	163	} if
	164	diff --git a/Resource/Init/gs_lev2.ps b/Resource/Init/gs_lev2.ps
	165	index 0f0d573..9c0c3a6 100644
	166	--- a/Resource/Init/gs_lev2.ps
	167	+++ b/Resource/Init/gs_lev2.ps
	168	@@ -304,31 +304,30 @@ end
	169	psuserparams exch /.checkFilePermitparams load put
	170	.setglobal
	171
	172	-pssystemparams begin
	173	- /CurDisplayList 0 .forcedef
	174	- /CurFormCache 0 .forcedef
	175	- /CurInputDevice () .forcedef
	176	- /CurOutlineCache 0 .forcedef
	177	- /CurOutputDevice () .forcedef
	178	- /CurPatternCache 0 .forcedef
	179	- /CurUPathCache 0 .forcedef
	180	- /CurScreenStorage 0 .forcedef
	181	- /CurSourceList 0 .forcedef
	182	- /DoPrintErrors //false .forcedef
	183	- /JobTimeout 0 .forcedef
	184	- /LicenseID (LN-001) .forcedef % bogus
	185	- /MaxDisplayList 140000 .forcedef
	186	- /MaxFormCache 100000 .forcedef
	187	- /MaxImageBuffer 524288 .forcedef
	188	- /MaxOutlineCache 65000 .forcedef
	189	- /MaxPatternCache 100000 .forcedef
	190	- /MaxUPathCache 300000 .forcedef
	191	- /MaxScreenStorage 84000 .forcedef
	192	- /MaxSourceList 25000 .forcedef
	193	- /PrinterName product .forcedef
	194	- /RamSize 4194304 .forcedef
	195	- /WaitTimeout 40 .forcedef
	196	-end
	197	+pssystemparams
	198	+dup /CurDisplayList 0 .forceput
	199	+dup /CurFormCache 0 .forceput
	200	+dup /CurInputDevice () .forceput
	201	+dup /CurOutlineCache 0 .forceput
	202	+dup /CurOutputDevice () .forceput
	203	+dup /CurPatternCache 0 .forceput
	204	+dup /CurUPathCache 0 .forceput
	205	+dup /CurScreenStorage 0 .forceput
	206	+dup /CurSourceList 0 .forceput
	207	+dup /DoPrintErrors //false .forceput
	208	+dup /JobTimeout 0 .forceput
	209	+dup /LicenseID (LN-001) .forceput % bogus
	210	+dup /MaxDisplayList 140000 .forceput
	211	+dup /MaxFormCache 100000 .forceput
	212	+dup /MaxImageBuffer 524288 .forceput
	213	+dup /MaxOutlineCache 65000 .forceput
	214	+dup /MaxPatternCache 100000 .forceput
	215	+dup /MaxUPathCache 300000 .forceput
	216	+dup /MaxScreenStorage 84000 .forceput
	217	+dup /MaxSourceList 25000 .forceput
	218	+dup /PrinterName product .forceput
	219	+dup /RamSize 4194304 .forceput
	220	+ /WaitTimeout 40 .forceput
	221
	222	% Define the procedures for handling comment scanning. The names
	223	% %ProcessComment and %ProcessDSCComment are known to the interpreter.
	224	@@ -710,7 +709,7 @@ pop % currentsystemparams
	225	/statusdict currentdict def
	226
	227	currentdict end
	228	-/statusdict exch .forcedef % statusdict is local, systemdict is global
	229	+currentdict exch /statusdict exch .forceput % statusdict is local, systemdict is global
	230
	231	% The following compatibility operators are in systemdict. They are
	232	% defined here, rather than in gs_init.ps, because they require the
	233	diff --git a/Resource/Init/gs_ll3.ps b/Resource/Init/gs_ll3.ps
	234	index c86721f..881af44 100644
	235	--- a/Resource/Init/gs_ll3.ps
	236	+++ b/Resource/Init/gs_ll3.ps
	237	@@ -521,9 +521,8 @@ end
	238	% Define additional user and system parameters.
	239	/HalftoneMode 0 .definepsuserparam
	240	/MaxSuperScreen 1016 .definepsuserparam
	241	-pssystemparams begin % read-only, so use .forcedef
	242	- /MaxDisplayAndSourceList 160000 .forcedef
	243	-end
	244	+% read-only, so use .forceput
	245	+pssystemparams /MaxDisplayAndSourceList 160000 .forceput
	246
	247	% Define the IdiomSet resource category.
	248	{ /IdiomSet } {
	249	diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps
	250	index b016113..89c0ed6 100644
	251	--- a/Resource/Init/gs_res.ps
	252	+++ b/Resource/Init/gs_res.ps
	253	@@ -41,10 +41,10 @@ level2dict begin
	254	% However, Ed Taft of Adobe says their interpreters don't implement this
	255	% either, so we aren't going to worry about it for a while.
	256
	257	-currentglobal //false setglobal systemdict begin
	258	- /localinstancedict 5 dict
	259	- .forcedef % localinstancedict is local, systemdict is global
	260	-end //true setglobal
	261	+currentglobal //false setglobal
	262	+ systemdict /localinstancedict 5 dict
	263	+ .forceput % localinstancedict is local, systemdict is global
	264	+//true setglobal
	265	/.emptydict 0 dict readonly def
	266	setglobal
	267
	268	@@ -149,7 +149,7 @@ setglobal
	269	dup [ exch 0 -1 ] exch
	270	.Instances 4 2 roll put
	271	% Make the Category dictionary read-only. We will have to
	272	- % use .forceput / .forcedef later to replace the dummy,
	273	+ % use .forceput / .forceput later to replace the dummy,
	274	% empty .Instances dictionary with the real one later.
	275	readonly
	276	}{
	277	@@ -304,7 +304,8 @@ systemdict begin
	278	dup () ne {
	279	.file_name_directory_separator concatstrings
	280	} if
	281	- 2 index exch //false .file_name_combine not {
	282	+ 2 index exch //false
	283	+ .file_name_combine not {
	284	(Error: .default_resource_dir returned ) print exch print ( that can't combine with ) print =
	285	/.default_resource_dir cvx /configurationerror signalerror
	286	} if
	287	@@ -317,14 +318,14 @@ currentdict /pssystemparams known not {
	288	pssystemparams begin
	289	//.default_resource_dir exec
	290	/FontResourceDir (Font) //.resource_dir_name exec
	291	- readonly .forcedef % pssys'params is r-o
	292	+ readonly currentdict 3 1 roll .forceput % pssys'params is r-o
	293	/GenericResourceDir () //.resource_dir_name exec
	294	- readonly .forcedef % pssys'params is r-o
	295	+ readonly currentdict 3 1 roll .forceput % pssys'params is r-o
	296	pop % .default_resource_dir
	297	/GenericResourcePathSep
	298	- .file_name_separator readonly .forcedef % pssys'params is r-o
	299	- (%diskFontResourceDir) cvn (/Resource/Font/) readonly .forcedef % pssys'params is r-o
	300	- (%diskGenericResourceDir) cvn (/Resource/) readonly .forcedef % pssys'params is r-o
	301	+ .file_name_separator readonly currentdict 3 1 roll .forceput % pssys'params is r-o
	302	+ currentdict (%diskFontResourceDir) cvn (/Resource/Font/) readonly .forceput % pssys'params is r-o
	303	+ currentdict (%diskGenericResourceDir) cvn (/Resource/) readonly .forceput % pssys'params is r-o
	304	end
	305	end
	306
	307	@@ -422,8 +423,8 @@ status {
	308	.Instances dup //.emptydict eq {
	309	pop 3 dict
	310	% As noted above, Category dictionaries are read-only,
	311	- % so we have to use .forcedef here.
	312	- /.Instances 1 index .forcedef % Category dict is read-only
	313	+ % so we have to use .forceput here.
	314	+ currentdict /.Instances 2 index .forceput % Category dict is read-only
	315	} executeonly if
	316	}
	317	{ .LocalInstances dup //.emptydict eq
	318	@@ -441,7 +442,7 @@ status {
	319	{ /defineresource cvx /typecheck signaloperror
	320	}
	321	ifelse
	322	-} .bind executeonly .makeoperator % executeonly to prevent access to .forcedef
	323	+} .bind executeonly .makeoperator % executeonly to prevent access to .forceput
	324	/UndefineResource
	325	{ { dup 2 index .knownget
	326	{ dup 1 get 1 ge
	327	diff --git a/Resource/Init/gs_statd.ps b/Resource/Init/gs_statd.ps
	328	index 20d4c96..b6a7659 100644
	329	--- a/Resource/Init/gs_statd.ps
	330	+++ b/Resource/Init/gs_statd.ps
	331	@@ -21,10 +21,10 @@ systemdict begin
	332	% We make statusdict a little larger for Level 2 stuff.
	333	% Note that it must be allocated in local VM.
	334	.currentglobal //false .setglobal
	335	- /statusdict 91 dict .forcedef % statusdict is local, sys'dict global
	336	+ currentdict /statusdict 91 dict .forceput % statusdict is local, sys'dict global
	337	% To support the Level 2 job control features,
	338	% serverdict must also be in local VM.
	339	- /serverdict 10 dict .forcedef % serverdict is local, sys'dict global
	340	+ currentdict /serverdict 10 dict .forceput % serverdict is local, sys'dict global
	341	.setglobal
	342	end
	343
	344	--
	345	2.18.1
	346