summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3835-0002.patch
blob: 590b92e18658f4b1a5ee270b1bbfb260bfdd1fca (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
From ba6dbd6e61dbb3cc6ee6db9dd3a4f70cc18f706e Mon Sep 17 00:00:00 2001
From: Nancy Durgin <nancy.durgin@artifex.com>
Date: Thu, 14 Feb 2019 10:09:00 -0800
Subject: [PATCH] Undef /odef in gs_init.ps

Made a new temporary utility function in gs_cet.ps (.odef) to use instead
of /odef.  This makes it fine to undef odef with all the other operators in
gs_init.ps

This punts the bigger question of what to do with .makeoperator, but it
doesn't make the situation any worse than it already was.

CVE: CVE-2019-3835
Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
---
 Resource/Init/gs_cet.ps  | 10 ++++++++--
 Resource/Init/gs_init.ps |  1 +
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/Resource/Init/gs_cet.ps b/Resource/Init/gs_cet.ps
index 75534bb..dbc5c4e 100644
--- a/Resource/Init/gs_cet.ps
+++ b/Resource/Init/gs_cet.ps
@@ -1,6 +1,10 @@
 %!PS
 % Set defaults for Ghostscript to match Adobe CPSI behaviour for CET
 
+/.odef {		% <name> <proc> odef -
+  1 index exch .makeoperator def
+} bind def
+
 systemdict /product get (PhotoPRINT SE 5.0v2) readonly eq
 {
   (%END GS_CET) .skipeof
@@ -93,8 +97,8 @@ userdict /.smoothness currentsmoothness put
    } {
      /setsmoothness .systemvar /typecheck signalerror
    } ifelse
-} bind odef
-/currentsmoothness { userdict /.smoothness get } bind odef % for 09-55.PS, 09-57.PS .
+} bind //.odef exec
+/currentsmoothness { userdict /.smoothness get } bind //.odef exec % for 09-55.PS, 09-57.PS .
 
 % slightly nasty hack to give consistent cluster results
 /ofnfa systemdict /filenameforall get def
@@ -113,6 +117,8 @@ userdict /.smoothness currentsmoothness put
   } ifelse
   ofnfa
 } bind def
+
+currentdict /.odef undef
 % end of slightly nasty hack to give consistent cluster results
 
 //false 0 startjob pop		% re-enter encapsulated mode
diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
index e6b9cd2..80d9585 100644
--- a/Resource/Init/gs_init.ps
+++ b/Resource/Init/gs_init.ps
@@ -2257,6 +2257,7 @@ SAFER { .setsafeglobal } if
   /.systemvmSFD /.settrapparams /.currentsystemparams /.currentuserparams /.getsystemparam /.getuserparam /.setsystemparams /.setuserparams
   /.checkpassword /.locale_to_utf8 /.currentglobal /.gcheck /.imagepath /.currentoutputdevice
   /.type /.writecvs /.setSMask /.currentSMask /.needinput /.countexecstack /.execstack /.applypolicies
+  /odef
 
   % Used by a free user in the Library of Congress. Apparently this is used to
   % draw a partial page, which is then filled in by the results of a barcode
-- 
2.18.1