aboutsummaryrefslogtreecommitdiffstats
path: root/main/ghostscript/CVE-2019-3838.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/ghostscript/CVE-2019-3838.patch')
-rw-r--r--main/ghostscript/CVE-2019-3838.patch56
1 files changed, 56 insertions, 0 deletions
diff --git a/main/ghostscript/CVE-2019-3838.patch b/main/ghostscript/CVE-2019-3838.patch
new file mode 100644
index 0000000000..0ba1e876b6
--- /dev/null
+++ b/main/ghostscript/CVE-2019-3838.patch
@@ -0,0 +1,56 @@
+From ed9fcd95bb01f0768bf273b2526732e381202319 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Wed, 20 Feb 2019 09:54:28 +0000
+Subject: [PATCH 1/2] Bug 700576: Make a transient proc executeonly (in
+ DefineResource).
+
+This prevents access to .forceput
+
+Solution originally suggested by cbuissar@redhat.com.
+---
+ Resource/Init/gs_res.ps | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps
+index d9b3459..b646329 100644
+--- a/Resource/Init/gs_res.ps
++++ b/Resource/Init/gs_res.ps
+@@ -425,7 +425,7 @@ status {
+ % so we have to use .forcedef here.
+ /.Instances 1 index .forcedef % Category dict is read-only
+ } executeonly if
+- }
++ } executeonly
+ { .LocalInstances dup //.emptydict eq
+ { pop 3 dict localinstancedict Category 2 index put
+ }
+--
+2.20.1
+
+
+From a82601e8f95a2f2147f3b3b9e44ec2b8f3a6be8b Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Fri, 22 Feb 2019 12:28:23 +0000
+Subject: [PATCH 2/2] Bug 700576(redux): an extra transient proc needs
+ executeonly'ed.
+
+---
+ Resource/Init/gs_res.ps | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps
+index b646329..8c1f29f 100644
+--- a/Resource/Init/gs_res.ps
++++ b/Resource/Init/gs_res.ps
+@@ -437,7 +437,7 @@ status {
+ % Now make the resource value read-only.
+ 0 2 copy get { readonly } .internalstopped pop
+ dup 4 1 roll put exch pop exch pop
+- }
++ } executeonly
+ { /defineresource cvx /typecheck signaloperror
+ }
+ ifelse
+--
+2.20.1
+