Handle GlyphDirectory as an array
Upstream BZ: http://bugs.ghostscript.com/show_bug.cgi?id=697286
This commit is contained in:
David Kaspar [Dee'Kej]
parent
a890cdf30f
commit
f2fcc98430
|
|
@ -0,0 +1,52 @@
|
|||
From 329e0a6d187cc5b5698689d76636ed3214d7efa7 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Liddell <chris.liddell@artifex.com>
|
||||
Date: Thu, 3 Nov 2016 13:09:27 +0000
|
||||
Subject: [PATCH] Bug 697286: handle GlyphDirectory as an array
|
||||
|
||||
For high level devices that need to copy CIDFonts, we need to establish the
|
||||
highest CID in a given CIDFont. If the font has a GlyphDirectory dictionary
|
||||
the only way to do so is to iterate through the keys to find the highest.
|
||||
|
||||
The code handling this ignored that the GlyphDirectory could be an array,
|
||||
which confused the dictionary content iterator, and caused a segfault.
|
||||
|
||||
In the case of an array, set the high CID to the highest index available in the
|
||||
array.
|
||||
---
|
||||
psi/zfcid.c | 18 +++++++++++-------
|
||||
1 file changed, 11 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/psi/zfcid.c b/psi/zfcid.c
|
||||
index ce583af..3098a22 100644
|
||||
--- a/psi/zfcid.c
|
||||
+++ b/psi/zfcid.c
|
||||
@@ -76,15 +76,19 @@ cid_font_data_param(os_ptr op, gs_font_cid_data *pdata, ref *pGlyphDirectory)
|
||||
* the number of CIDs in the font. We need to know the maximum CID
|
||||
* when copying fonts, so calculate and store it now.
|
||||
*/
|
||||
- index = dict_first(pgdir);
|
||||
- while (index >= 0) {
|
||||
- index = dict_next(pgdir, index, (ref *)&element);
|
||||
- if (index >= 0) {
|
||||
- if (element[0].value.intval > pdata->MaxCID)
|
||||
- pdata->MaxCID = element[0].value.intval;
|
||||
+ if (r_has_type(pgdir, t_dictionary)) {
|
||||
+ index = dict_first(pgdir);
|
||||
+ while (index >= 0) {
|
||||
+ index = dict_next(pgdir, index, (ref *)&element);
|
||||
+ if (index >= 0) {
|
||||
+ if (element[0].value.intval > pdata->MaxCID)
|
||||
+ pdata->MaxCID = element[0].value.intval;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
-
|
||||
+ else {
|
||||
+ pdata->MaxCID = r_size(pgdir) - 1;
|
||||
+ }
|
||||
return code;
|
||||
} else {
|
||||
return_error(gs_error_typecheck);
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -5,7 +5,7 @@ Summary: A PostScript interpreter and renderer
|
|||
Name: ghostscript
|
||||
Version: %{gs_ver}
|
||||
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
|
||||
# Included CMap data is Redistributable, no modification permitted,
|
||||
# see http://bugzilla.redhat.com/487510
|
||||
|
|
@ -20,6 +20,7 @@ Patch1: ghostscript-9.20-fix-openjpeg-system-build.patch
|
|||
Patch2: ghostscript-9.20-runlibfileifexists.patch
|
||||
Patch3: ghostscript-9.20-run-dvipdf-securely.patch
|
||||
Patch4: ghostscript-9.20-urw-fonts-naming.patch
|
||||
Patch10: ghostscript-9.20-handle-glyphdirectory-correctly.patch
|
||||
|
||||
# Security patches:
|
||||
Patch5: ghostscript-9.20-cve-2016-7979.patch
|
||||
|
|
@ -143,6 +144,9 @@ rm -rf expat freetype icclib jasper jpeg jpegxr lcms lcms2 libpng openjpeg zlib
|
|||
# Honor -dSAFER in .libfile (bug #1380415):
|
||||
%patch9 -p1
|
||||
|
||||
# handle GlyphDirectory as an array (http://bugs.ghostscript.com/show_bug.cgi?id=697286):
|
||||
%patch10 -p1
|
||||
|
||||
# Convert manual pages to UTF-8
|
||||
from8859_1() {
|
||||
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
|
||||
|
|
@ -339,6 +343,10 @@ rm -rf $RPM_BUILD_ROOT
|
|||
%{_libdir}/libgs.so
|
||||
|
||||
%changelog
|
||||
* Thu Nov 3 2016 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-5
|
||||
- Added fix to avoid SIGSEGV for some *.ps files. More info here:
|
||||
<http://bugs.ghostscript.com/show_bug.cgi?id=697286>
|
||||
|
||||
* Tue Nov 1 2016 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-4
|
||||
- Added security fix for CVE-2016-7977 (bug #1380415)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue