Blame SOURCES/ghostscript-cve-2019-3838.patch

483aca
From ed9fcd95bb01f0768bf273b2526732e381202319 Mon Sep 17 00:00:00 2001
483aca
From: Chris Liddell <chris.liddell@artifex.com>
483aca
Date: Wed, 20 Feb 2019 09:54:28 +0000
483aca
Subject: [PATCH 1/2] Bug 700576: Make a transient proc executeonly (in
483aca
 DefineResource).
483aca
483aca
This prevents access to .forceput
483aca
483aca
Solution originally suggested by cbuissar@redhat.com.
483aca
---
483aca
 Resource/Init/gs_res.ps | 2 +-
483aca
 1 file changed, 1 insertion(+), 1 deletion(-)
483aca
483aca
diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps
483aca
index d9b3459..b646329 100644
483aca
--- a/Resource/Init/gs_res.ps
483aca
+++ b/Resource/Init/gs_res.ps
483aca
@@ -425,7 +425,7 @@ status {
483aca
                         % so we have to use .forcedef here.
483aca
                   /.Instances 1 index .forcedef	% Category dict is read-only
483aca
                 } executeonly if
483aca
-              }
483aca
+              } executeonly
483aca
               { .LocalInstances dup //.emptydict eq
483aca
                  { pop 3 dict localinstancedict Category 2 index put
483aca
                  }
483aca
-- 
483aca
2.20.1
483aca
483aca
483aca
From a82601e8f95a2f2147f3b3b9e44ec2b8f3a6be8b Mon Sep 17 00:00:00 2001
483aca
From: Chris Liddell <chris.liddell@artifex.com>
483aca
Date: Fri, 22 Feb 2019 12:28:23 +0000
483aca
Subject: [PATCH 2/2] Bug 700576(redux): an extra transient proc needs
483aca
 executeonly'ed.
483aca
483aca
---
483aca
 Resource/Init/gs_res.ps | 2 +-
483aca
 1 file changed, 1 insertion(+), 1 deletion(-)
483aca
483aca
diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps
483aca
index b646329..8c1f29f 100644
483aca
--- a/Resource/Init/gs_res.ps
483aca
+++ b/Resource/Init/gs_res.ps
483aca
@@ -437,7 +437,7 @@ status {
483aca
                         % Now make the resource value read-only.
483aca
              0 2 copy get { readonly } .internalstopped pop
483aca
              dup 4 1 roll put exch pop exch pop
483aca
-           }
483aca
+           } executeonly
483aca
            { /defineresource cvx /typecheck signaloperror
483aca
            }
483aca
         ifelse
483aca
-- 
483aca
2.20.1
483aca