diff options
| author | J0WI <J0WI@users.noreply.github.com> | 2019-08-29 23:21:40 +0200 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2019-09-03 14:19:27 +0000 |
| commit | 47e96eb4a65356706c4e6344e74859d045d38237 (patch) | |
| tree | 7cfadb5a6f21454e2f919940be7dfa38d79595c6 /main/ghostscript/forceput-inaccessible.patch | |
| parent | 21cda98b4088fa861bf13a87262666d54673e54f (diff) | |
| download | aports-47e96eb4a65356706c4e6344e74859d045d38237.tar.bz2 aports-47e96eb4a65356706c4e6344e74859d045d38237.tar.xz | |
main/ghostscript: add security patches
Diffstat (limited to 'main/ghostscript/forceput-inaccessible.patch')
| -rw-r--r-- | main/ghostscript/forceput-inaccessible.patch | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/main/ghostscript/forceput-inaccessible.patch b/main/ghostscript/forceput-inaccessible.patch new file mode 100644 index 0000000000..d2bfe9f43f --- /dev/null +++ b/main/ghostscript/forceput-inaccessible.patch @@ -0,0 +1,63 @@ +From 885444fcbe10dc42787ecb76686c8ee4dd33bf33 Mon Sep 17 00:00:00 2001 +From: Ken Sharp <ken.sharp@artifex.com> +Date: Tue, 20 Aug 2019 10:10:28 +0100 +Subject: [PATCH] make .forceput inaccessible + +Bug #701343, #701344, #701345 + +More defensive programming. We don't want people to access .forecput +even though it is no longer sufficient to bypass SAFER. The exploit +in #701343 didn't work anyway because of earlier work to stop the error +handler being used, but nevertheless, prevent access to .forceput from +.setuserparams2. +--- + Resource/Init/gs_lev2.ps | 6 +++--- + Resource/Init/gs_pdfwr.ps | 4 ++-- + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/Resource/Init/gs_lev2.ps b/Resource/Init/gs_lev2.ps +index 4cc7f82..0fd4164 100644 +--- a/Resource/Init/gs_lev2.ps ++++ b/Resource/Init/gs_lev2.ps +@@ -158,7 +158,7 @@ end + { + pop pop + } ifelse +- } forall ++ } executeonly forall + % A context switch might have occurred during the above loop, + % causing the interpreter-level parameters to be reset. + % Set them again to the new values. From here on, we are safe, +@@ -229,9 +229,9 @@ end + { pop pop + } + ifelse +- } ++ } executeonly + forall pop +-} .bind odef ++} .bind executeonly odef + + % Initialize the passwords. + % NOTE: the names StartJobPassword and SystemParamsPassword are known to +diff --git a/Resource/Init/gs_pdfwr.ps b/Resource/Init/gs_pdfwr.ps +index c158a8f..422e66e 100644 +--- a/Resource/Init/gs_pdfwr.ps ++++ b/Resource/Init/gs_pdfwr.ps +@@ -658,11 +658,11 @@ currentdict /.pdfmarkparams .undef + systemdict /.pdf_hooked_DSC_Creator //true .forceput + } executeonly if + pop +- } if ++ } executeonly if + } { + pop + } ifelse +- } ++ } executeonly + { + pop + } ifelse +-- +2.9.1 + |