More security fixes for bug #599564.

This commit is contained in:
Tim Waugh 2010-08-25 16:06:50 +01:00
parent 5a5e48476c
commit 0c1e7532d2
3 changed files with 1652 additions and 18 deletions

1414
ghostscript--P-.patch Normal file

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
diff -up ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/bcwin32.mak diff -up ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/bcwin32.mak
--- ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 --- ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/bcwin32.mak 2010-08-25 14:00:12.290019965 +0100 +++ ghostscript-8.71/base/bcwin32.mak 2010-08-25 16:00:06.732142141 +0100
@@ -78,13 +78,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini @@ -78,13 +78,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -19,7 +19,7 @@ diff -up ghostscript-8.71/base/bcwin32.mak.SEARCH_HERE_FIRST ghostscript-8.71/ba
# Define the name of the interpreter initialization file. # Define the name of the interpreter initialization file.
diff -up ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macos-mcp.mak diff -up ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macos-mcp.mak
--- ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 --- ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/macos-mcp.mak 2010-08-25 14:00:12.297143504 +0100 +++ ghostscript-8.71/base/macos-mcp.mak 2010-08-25 16:00:06.735142115 +0100
@@ -53,12 +53,9 @@ GS_DOCDIR=:doc @@ -53,12 +53,9 @@ GS_DOCDIR=:doc
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -37,7 +37,7 @@ diff -up ghostscript-8.71/base/macos-mcp.mak.SEARCH_HERE_FIRST ghostscript-8.71/
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macosx.mak diff -up ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/macosx.mak
--- ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST 2008-10-02 20:33:22.000000000 +0100 --- ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST 2008-10-02 20:33:22.000000000 +0100
+++ ghostscript-8.71/base/macosx.mak 2010-08-25 14:00:12.327017571 +0100 +++ ghostscript-8.71/base/macosx.mak 2010-08-25 16:00:06.745019041 +0100
@@ -78,12 +78,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini @@ -78,12 +78,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -55,7 +55,7 @@ diff -up ghostscript-8.71/base/macosx.mak.SEARCH_HERE_FIRST ghostscript-8.71/bas
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST ghostscript-8.71/base/Makefile.in diff -up ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST ghostscript-8.71/base/Makefile.in
--- ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST 2009-12-18 07:04:10.000000000 +0000 --- ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST 2009-12-18 07:04:10.000000000 +0000
+++ ghostscript-8.71/base/Makefile.in 2010-08-25 14:00:12.335142758 +0100 +++ ghostscript-8.71/base/Makefile.in 2010-08-25 16:00:06.767101477 +0100
@@ -96,12 +96,9 @@ GS_CACHE_DIR="~/.ghostscript/cache/" @@ -96,12 +96,9 @@ GS_CACHE_DIR="~/.ghostscript/cache/"
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -73,7 +73,7 @@ diff -up ghostscript-8.71/base/Makefile.in.SEARCH_HERE_FIRST ghostscript-8.71/ba
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/msvclib.mak diff -up ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/msvclib.mak
--- ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST 2010-01-07 10:53:36.000000000 +0000 --- ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST 2010-01-07 10:53:36.000000000 +0000
+++ ghostscript-8.71/base/msvclib.mak 2010-08-25 14:00:12.359017810 +0100 +++ ghostscript-8.71/base/msvclib.mak 2010-08-25 16:00:06.790017275 +0100
@@ -49,13 +49,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini @@ -49,13 +49,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -92,7 +92,7 @@ diff -up ghostscript-8.71/base/msvclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/ba
# Define the name of the interpreter initialization file. # Define the name of the interpreter initialization file.
diff -up ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mak diff -up ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mak
--- ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 --- ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/openvms.mak 2010-08-25 14:00:12.382018536 +0100 +++ ghostscript-8.71/base/openvms.mak 2010-08-25 16:00:06.819017200 +0100
@@ -68,12 +68,9 @@ GS_LIB_DEFAULT=GS_ROOT:[RESOURCE.INIT],G @@ -68,12 +68,9 @@ GS_LIB_DEFAULT=GS_ROOT:[RESOURCE.INIT],G
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -110,7 +110,7 @@ diff -up ghostscript-8.71/base/openvms.mak.SEARCH_HERE_FIRST ghostscript-8.71/ba
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mmk diff -up ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST ghostscript-8.71/base/openvms.mmk
--- ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000 --- ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000
+++ ghostscript-8.71/base/openvms.mmk 2010-08-25 14:00:12.408142641 +0100 +++ ghostscript-8.71/base/openvms.mmk 2010-08-25 16:00:06.834017369 +0100
@@ -73,12 +73,9 @@ GS_LIB_DEFAULT=GS_LIB @@ -73,12 +73,9 @@ GS_LIB_DEFAULT=GS_LIB
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -128,7 +128,7 @@ diff -up ghostscript-8.71/base/openvms.mmk.SEARCH_HERE_FIRST ghostscript-8.71/ba
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/ugcclib.mak diff -up ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/ugcclib.mak
--- ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST 2008-11-05 20:41:22.000000000 +0000 --- ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST 2008-11-05 20:41:22.000000000 +0000
+++ ghostscript-8.71/base/ugcclib.mak 2010-08-25 14:00:12.446144216 +0100 +++ ghostscript-8.71/base/ugcclib.mak 2010-08-25 16:00:06.842017457 +0100
@@ -30,7 +30,7 @@ gsdir = /usr/local/share/ghostscript @@ -30,7 +30,7 @@ gsdir = /usr/local/share/ghostscript
gsdatadir = $(gsdir)/$(GS_DOT_VERSION) gsdatadir = $(gsdir)/$(GS_DOT_VERSION)
GS_DOCDIR=$(gsdatadir)/doc GS_DOCDIR=$(gsdatadir)/doc
@ -140,7 +140,7 @@ diff -up ghostscript-8.71/base/ugcclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/ba
#GENOPT=-DDEBUG #GENOPT=-DDEBUG
diff -up ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unixansi.mak diff -up ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unixansi.mak
--- ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 --- ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/unixansi.mak 2010-08-25 14:00:12.485143635 +0100 +++ ghostscript-8.71/base/unixansi.mak 2010-08-25 16:00:06.858017358 +0100
@@ -73,12 +73,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini @@ -73,12 +73,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -158,7 +158,7 @@ diff -up ghostscript-8.71/base/unixansi.mak.SEARCH_HERE_FIRST ghostscript-8.71/b
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unix-gcc.mak diff -up ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/unix-gcc.mak
--- ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST 2009-11-11 15:50:28.000000000 +0000 --- ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST 2009-11-11 15:50:28.000000000 +0000
+++ ghostscript-8.71/base/unix-gcc.mak 2010-08-25 14:00:12.501143978 +0100 +++ ghostscript-8.71/base/unix-gcc.mak 2010-08-25 16:00:06.888017760 +0100
@@ -77,12 +77,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini @@ -77,12 +77,9 @@ GS_LIB_DEFAULT=$(gsdatadir)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -176,7 +176,7 @@ diff -up ghostscript-8.71/base/unix-gcc.mak.SEARCH_HERE_FIRST ghostscript-8.71/b
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watclib.mak diff -up ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watclib.mak
--- ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000 --- ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST 2009-01-08 09:17:18.000000000 +0000
+++ ghostscript-8.71/base/watclib.mak 2010-08-25 14:00:12.509143140 +0100 +++ ghostscript-8.71/base/watclib.mak 2010-08-25 16:00:06.896017307 +0100
@@ -20,7 +20,7 @@ AROOTDIR=c:/gs @@ -20,7 +20,7 @@ AROOTDIR=c:/gs
GSROOTDIR=$(AROOTDIR)/gs$(GS_DOT_VERSION) GSROOTDIR=$(AROOTDIR)/gs$(GS_DOT_VERSION)
GS_DOCDIR=$(GSROOTDIR)/doc GS_DOCDIR=$(GSROOTDIR)/doc
@ -188,7 +188,7 @@ diff -up ghostscript-8.71/base/watclib.mak.SEARCH_HERE_FIRST ghostscript-8.71/ba
!ifndef DEBUG !ifndef DEBUG
diff -up ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watcw32.mak diff -up ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST ghostscript-8.71/base/watcw32.mak
--- ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 --- ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/base/watcw32.mak 2010-08-25 14:00:12.525143422 +0100 +++ ghostscript-8.71/base/watcw32.mak 2010-08-25 16:00:06.914017272 +0100
@@ -54,11 +54,8 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini @@ -54,11 +54,8 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
# look in the current directory first. This leads to well-known security # look in the current directory first. This leads to well-known security
@ -204,7 +204,7 @@ diff -up ghostscript-8.71/base/watcw32.mak.SEARCH_HERE_FIRST ghostscript-8.71/ba
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST ghostscript-8.71/doc/Use.htm diff -up ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST ghostscript-8.71/doc/Use.htm
--- ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000 --- ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000
+++ ghostscript-8.71/doc/Use.htm 2010-08-25 14:00:12.552143446 +0100 +++ ghostscript-8.71/doc/Use.htm 2010-08-25 16:00:06.949017319 +0100
@@ -823,8 +823,8 @@ file name specifies an absolute path. @@ -823,8 +823,8 @@ file name specifies an absolute path.
using the name given. Otherwise it tries directories in this order: using the name given. Otherwise it tries directories in this order:
@ -253,7 +253,7 @@ diff -up ghostscript-8.71/doc/Use.htm.SEARCH_HERE_FIRST ghostscript-8.71/doc/Use
<h4><a name="Parameters"></a>Setting parameters</h4> <h4><a name="Parameters"></a>Setting parameters</h4>
diff -up ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST ghostscript-8.71/man/gs.1 diff -up ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST ghostscript-8.71/man/gs.1
--- ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000 --- ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST 2010-02-10 18:17:48.000000000 +0000
+++ ghostscript-8.71/man/gs.1 2010-08-25 14:00:12.562143368 +0100 +++ ghostscript-8.71/man/gs.1 2010-08-25 16:00:06.952017346 +0100
@@ -208,6 +208,12 @@ whereas \fB\-sname=35\fR is equivalent t @@ -208,6 +208,12 @@ whereas \fB\-sname=35\fR is equivalent t
.br .br
/name (35) def /name (35) def
@ -269,7 +269,7 @@ diff -up ghostscript-8.71/man/gs.1.SEARCH_HERE_FIRST ghostscript-8.71/man/gs.1
equivalent of \fB\-dQUIET\fR. equivalent of \fB\-dQUIET\fR.
diff -up ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/msvc32.mak diff -up ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/msvc32.mak
--- ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST 2010-02-02 18:14:37.000000000 +0000 --- ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST 2010-02-02 18:14:37.000000000 +0000
+++ ghostscript-8.71/psi/msvc32.mak 2010-08-25 14:00:12.594142799 +0100 +++ ghostscript-8.71/psi/msvc32.mak 2010-08-25 16:00:06.954017446 +0100
@@ -100,13 +100,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini @@ -100,13 +100,10 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -288,7 +288,7 @@ diff -up ghostscript-8.71/psi/msvc32.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/
# Define the name of the interpreter initialization file. # Define the name of the interpreter initialization file.
diff -up ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/os2.mak diff -up ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/os2.mak
--- ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000 --- ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST 2009-11-05 22:24:30.000000000 +0000
+++ ghostscript-8.71/psi/os2.mak 2010-08-25 14:00:12.621143319 +0100 +++ ghostscript-8.71/psi/os2.mak 2010-08-25 16:00:06.956017546 +0100
@@ -54,12 +54,9 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini @@ -54,12 +54,9 @@ GS_LIB_DEFAULT=$(GSROOTDIR)/Resource/Ini
# Define whether or not searching for initialization files should always # Define whether or not searching for initialization files should always
@ -304,9 +304,221 @@ diff -up ghostscript-8.71/psi/os2.mak.SEARCH_HERE_FIRST ghostscript-8.71/psi/os2
# Define the name of the interpreter initialization file. # Define the name of the interpreter initialization file.
# (There is no reason to change this.) # (There is no reason to change this.)
diff -up ghostscript-8.71/psi/zfile.c.SEARCH_HERE_FIRST ghostscript-8.71/psi/zfile.c
--- ghostscript-8.71/psi/zfile.c.SEARCH_HERE_FIRST 2009-10-04 13:42:07.000000000 +0100
+++ ghostscript-8.71/psi/zfile.c 2010-08-25 16:02:45.521018186 +0100
@@ -903,6 +903,91 @@ check_file_permissions_aux(i_ctx_t *i_ct
}
+/* return zero for success, -ve for error, +1 for continue */
+static int
+lib_file_open_search_with_no_combine(gs_file_path_ptr lib_path, const gs_memory_t *mem, i_ctx_t *i_ctx_p,
+ const char *fname, uint flen, char *buffer, int blen, uint *pclen, ref *pfile,
+ gx_io_device *iodev, bool starting_arg_file, char *fmode)
+{
+ stream *s;
+ uint blen1 = blen;
+ if (gp_file_name_reduce(fname, flen, buffer, &blen1) != gp_combine_success)
+ goto skip;
+ if (iodev_os_open_file(iodev, (const char *)buffer, blen1,
+ (const char *)fmode, &s, (gs_memory_t *)mem) == 0) {
+ if (starting_arg_file ||
+ check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) {
+ *pclen = blen1;
+ make_stream_file(pfile, s, "r");
+ return 0;
+ }
+ sclose(s);
+ return_error(e_invalidfileaccess);
+ }
+ skip:;
+ return 1;
+}
+
+/* return zero for success, -ve for error, +1 for continue */
+static int
+lib_file_open_search_with_combine(gs_file_path_ptr lib_path, const gs_memory_t *mem, i_ctx_t *i_ctx_p,
+ const char *fname, uint flen, char *buffer, int blen, uint *pclen, ref *pfile,
+ gx_io_device *iodev, bool starting_arg_file, char *fmode)
+{
+ stream *s;
+ const gs_file_path *pfpath = lib_path;
+ uint pi;
+
+ for (pi = 0; pi < r_size(&pfpath->list); ++pi) {
+ const ref *prdir = pfpath->list.value.refs + pi;
+ const char *pstr = (const char *)prdir->value.const_bytes;
+ uint plen = r_size(prdir), blen1 = blen;
+ gs_parsed_file_name_t pname;
+ gp_file_name_combine_result r;
+
+ /* We need to concatenate and parse the file name here
+ * if this path has a %device% prefix. */
+ if (pstr[0] == '%') {
+ int code;
+
+ /* We concatenate directly since gp_file_name_combine_*
+ * rules are not correct for other devices such as %rom% */
+ code = gs_parse_file_name(&pname, pstr, plen);
+ if (code < 0)
+ continue;
+ memcpy(buffer, pname.fname, pname.len);
+ memcpy(buffer+pname.len, fname, flen);
+ code = pname.iodev->procs.open_file(pname.iodev, buffer, pname.len + flen, fmode,
+ &s, (gs_memory_t *)mem);
+ if (code < 0)
+ continue;
+ make_stream_file(pfile, s, "r");
+ /* fill in the buffer with the device concatenated */
+ memcpy(buffer, pstr, plen);
+ memcpy(buffer+plen, fname, flen);
+ *pclen = plen + flen;
+ return 0;
+ } else {
+ r = gp_file_name_combine(pstr, plen,
+ fname, flen, false, buffer, &blen1);
+ if (r != gp_combine_success)
+ continue;
+ if (iodev_os_open_file(iodev, (const char *)buffer, blen1, (const char *)fmode,
+ &s, (gs_memory_t *)mem) == 0) {
+ if (starting_arg_file ||
+ check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) {
+ *pclen = blen1;
+ make_stream_file(pfile, s, "r");
+ return 0;
+ }
+ sclose(s);
+ return_error(e_invalidfileaccess);
+ }
+ }
+ }
+ return 1;
+}
+
/* Return a file object of of the file searched for using the search paths. */
/* The fname cannot contain a device part (%...%) but the lib paths might. */
/* The startup code calls this to open the initialization file gs_init.ps. */
@@ -917,8 +1002,9 @@ lib_file_open(gs_file_path_ptr lib_path
bool search_with_no_combine = false;
bool search_with_combine = false;
char fmode[4] = { 'r', 0, 0, 0 }; /* room for binary suffix */
- stream *s;
gx_io_device *iodev = iodev_default;
+ gs_main_instance *minst = get_minst_from_memory(mem);
+ int code;
/* when starting arg files (@ files) iodev_default is not yet set */
if (iodev == 0)
@@ -932,75 +1018,36 @@ lib_file_open(gs_file_path_ptr lib_path
search_with_no_combine = starting_arg_file;
search_with_combine = true;
}
- if (search_with_no_combine) {
- uint blen1 = blen;
-
- if (gp_file_name_reduce(fname, flen, buffer, &blen1) != gp_combine_success)
- goto skip;
- if (iodev_os_open_file(iodev, (const char *)buffer, blen1,
- (const char *)fmode, &s, (gs_memory_t *)mem) == 0) {
- if (starting_arg_file ||
- check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) {
- *pclen = blen1;
- make_stream_file(pfile, s, "r");
- return 0;
- }
- sclose(s);
- return_error(e_invalidfileaccess);
- }
- skip:;
- }
- if (search_with_combine) {
- const gs_file_path *pfpath = lib_path;
- uint pi;
-
- for (pi = 0; pi < r_size(&pfpath->list); ++pi) {
- const ref *prdir = pfpath->list.value.refs + pi;
- const char *pstr = (const char *)prdir->value.const_bytes;
- uint plen = r_size(prdir), blen1 = blen;
- gs_parsed_file_name_t pname;
- gp_file_name_combine_result r;
-
- /* We need to concatenate and parse the file name here
- * if this path has a %device% prefix. */
- if (pstr[0] == '%') {
- int code;
-
- /* We concatenate directly since gp_file_name_combine_*
- * rules are not correct for other devices such as %rom% */
- code = gs_parse_file_name(&pname, pstr, plen);
- if (code < 0)
- continue;
- memcpy(buffer, pname.fname, pname.len);
- memcpy(buffer+pname.len, fname, flen);
- code = pname.iodev->procs.open_file(pname.iodev, buffer, pname.len + flen, fmode,
- &s, (gs_memory_t *)mem);
- if (code < 0)
- continue;
- make_stream_file(pfile, s, "r");
- /* fill in the buffer with the device concatenated */
- memcpy(buffer, pstr, plen);
- memcpy(buffer+plen, fname, flen);
- *pclen = plen + flen;
- return 0;
- } else {
- r = gp_file_name_combine(pstr, plen,
- fname, flen, false, buffer, &blen1);
- if (r != gp_combine_success)
- continue;
- if (iodev_os_open_file(iodev, (const char *)buffer, blen1, (const char *)fmode,
- &s, (gs_memory_t *)mem) == 0) {
- if (starting_arg_file ||
- check_file_permissions_aux(i_ctx_p, buffer, blen1) >= 0) {
- *pclen = blen1;
- make_stream_file(pfile, s, "r");
- return 0;
- }
- sclose(s);
- return_error(e_invalidfileaccess);
- }
- }
- }
+ if (minst->search_here_first) {
+ if (search_with_no_combine) {
+ code = lib_file_open_search_with_no_combine(lib_path, mem, i_ctx_p,
+ fname, flen, buffer, blen, pclen, pfile,
+ iodev, starting_arg_file, fmode);
+ if (code <= 0) /* +ve means continue continue */
+ return code;
+ }
+ if (search_with_combine) {
+ code = lib_file_open_search_with_combine(lib_path, mem, i_ctx_p,
+ fname, flen, buffer, blen, pclen, pfile,
+ iodev, starting_arg_file, fmode);
+ if (code <= 0) /* +ve means continue searching */
+ return code;
+ }
+ } else {
+ if (search_with_combine) {
+ code = lib_file_open_search_with_combine(lib_path, mem, i_ctx_p,
+ fname, flen, buffer, blen, pclen, pfile,
+ iodev, starting_arg_file, fmode);
+ if (code <= 0) /* +ve means continue searching */
+ return code;
+ }
+ if (search_with_no_combine) {
+ code = lib_file_open_search_with_no_combine(lib_path, mem, i_ctx_p,
+ fname, flen, buffer, blen, pclen, pfile,
+ iodev, starting_arg_file, fmode);
+ if (code <= 0) /* +ve means continue searching */
+ return code;
+ }
}
return_error(e_undefinedfilename);
}
diff -up ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST ghostscript-8.71/toolbin/msvcxml.bat diff -up ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST ghostscript-8.71/toolbin/msvcxml.bat
--- ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST 2009-01-26 17:16:47.000000000 +0000 --- ghostscript-8.71/toolbin/msvcxml.bat.SEARCH_HERE_FIRST 2009-01-26 17:16:47.000000000 +0000
+++ ghostscript-8.71/toolbin/msvcxml.bat 2010-08-25 14:00:12.631143783 +0100 +++ ghostscript-8.71/toolbin/msvcxml.bat 2010-08-25 16:00:06.959017477 +0100
@@ -1428,7 +1428,7 @@ echo ^<UserMacro Name="GS_DOCDIR" Valu @@ -1428,7 +1428,7 @@ echo ^<UserMacro Name="GS_DOCDIR" Valu
echo ^<UserMacro Name="GS_INIT" Value="gs_init.ps" /^> echo ^<UserMacro Name="GS_INIT" Value="gs_init.ps" /^>
echo ^<UserMacro Name="GS_LIB_DEFAULT" Value="$(GSROOTDIR)/lib;$(GSROOTDIR)/Resource/Font;$(AROOTDIR)/fonts" /^> echo ^<UserMacro Name="GS_LIB_DEFAULT" Value="$(GSROOTDIR)/lib;$(GSROOTDIR)/Resource/Font;$(AROOTDIR)/fonts" /^>

View File

@ -5,7 +5,7 @@ Summary: A PostScript interpreter and renderer.
Name: ghostscript Name: ghostscript
Version: %{gs_ver} Version: %{gs_ver}
Release: 9%{?dist} Release: 10%{?dist}
# Included CMap data is Redistributable, no modification permitted, # Included CMap data is Redistributable, no modification permitted,
# see http://bugzilla.redhat.com/487510 # see http://bugzilla.redhat.com/487510
@ -37,6 +37,7 @@ Patch19: ghostscript-tiff-fixes.patch
Patch20: ghostscript-CVE-2010-1628.patch Patch20: ghostscript-CVE-2010-1628.patch
Patch21: ghostscript-jbig2-image-refcount.patch Patch21: ghostscript-jbig2-image-refcount.patch
Patch22: ghostscript-SEARCH_HERE_FIRST.patch Patch22: ghostscript-SEARCH_HERE_FIRST.patch
Patch23: ghostscript--P-.patch
Requires: urw-fonts >= 1.1, ghostscript-fonts Requires: urw-fonts >= 1.1, ghostscript-fonts
BuildRequires: xz BuildRequires: xz
@ -174,6 +175,9 @@ rm -rf libpng zlib jpeg jasper
# (bug #599564). # (bug #599564).
%patch22 -p1 -b .SEARCH_HERE_FIRST %patch22 -p1 -b .SEARCH_HERE_FIRST
# Use -P- and -dSAFER in scripts (bug #599564).
%patch23 -p1 -b .-P-
# Convert manual pages to UTF-8 # Convert manual pages to UTF-8
from8859_1() { from8859_1() {
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_" iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@ -362,6 +366,10 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libgs.so %{_libdir}/libgs.so
%changelog %changelog
* Wed Aug 25 2010 Tim Waugh <twaugh@redhat.com> 8.71-10
- Fix implementation of -P- (bug #599564).
- Use -P- and -dSAFER in scripts (bug #599564).
* Wed Aug 25 2010 Tim Waugh <twaugh@redhat.com> 8.71-9 * Wed Aug 25 2010 Tim Waugh <twaugh@redhat.com> 8.71-9
- Change SEARCH_HERE_FIRST default to make -P- default instead of -P - Change SEARCH_HERE_FIRST default to make -P- default instead of -P
(bug #599564). (bug #599564).