|
|
518276 |
From: Chris Liddell <chris.liddell@artifex.com>
|
|
|
518276 |
Date: Wed, 20 Feb 2019 09:54:28 +0000 (+0000)
|
|
|
518276 |
Subject: Bug 700576: Make a transient proc executeonly (in DefineResource).
|
|
|
518276 |
|
|
|
518276 |
Bug 700576: Make a transient proc executeonly (in DefineResource).
|
|
|
518276 |
|
|
|
518276 |
This prevents access to .forceput
|
|
|
518276 |
|
|
|
518276 |
Solution originally suggested by cbuissar@redhat.com.
|
|
|
518276 |
|
|
|
518276 |
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ed9fcd95bb01f0768bf273b2526732e381202319
|
|
|
518276 |
|
|
|
518276 |
From: Chris Liddell <chris.liddell@artifex.com>
|
|
|
518276 |
Date: Fri, 22 Feb 2019 12:28:23 +0000 (+0000)
|
|
|
518276 |
Subject: Bug 700576(redux): an extra transient proc needs executeonly'ed.
|
|
|
518276 |
|
|
|
518276 |
Bug 700576(redux): an extra transient proc needs executeonly'ed.
|
|
|
518276 |
|
|
|
518276 |
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a82601e8f95a2f2147f3b3b9e44ec2b8f3a6be8b
|
|
|
518276 |
---
|
|
|
518276 |
|
|
|
518276 |
diff -up ghostscript-9.07/Resource/Init/gs_res.ps.cve-2019-3838 ghostscript-9.07/Resource/Init/gs_res.ps
|
|
|
518276 |
--- ghostscript-9.07/Resource/Init/gs_res.ps.cve-2019-3838 2019-02-28 12:08:09.181546939 +0100
|
|
|
518276 |
+++ ghostscript-9.07/Resource/Init/gs_res.ps 2019-02-28 12:09:32.410456904 +0100
|
|
|
518276 |
@@ -425,7 +425,7 @@ status {
|
|
|
518276 |
% so we have to use .forcedef here.
|
|
|
518276 |
/.Instances 1 index .forcedef % Category dict is read-only
|
|
|
518276 |
} executeonly if
|
|
|
518276 |
- }
|
|
|
518276 |
+ } executeonly
|
|
|
518276 |
{ .LocalInstances dup //.emptydict eq
|
|
|
518276 |
{ pop 3 dict localinstancedict Category 2 index put
|
|
|
518276 |
}
|
|
|
518276 |
@@ -437,7 +437,7 @@ status {
|
|
|
518276 |
% Now make the resource value read-only.
|
|
|
518276 |
0 2 copy get { readonly } .internalstopped pop
|
|
|
518276 |
dup 4 1 roll put exch pop exch pop
|
|
|
518276 |
- }
|
|
|
518276 |
+ } executeonly
|
|
|
518276 |
{ /defineresource cvx /typecheck signaloperror
|
|
|
518276 |
}
|
|
|
518276 |
ifelse
|