jcgruenhage/void-packages
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

ghostscript: update to 9.55.0.

Browse source 
Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501
This commit is contained in:
chili-b 2022-03-09 00:02:11 -05:00 committed by Leah Neukirchen
parent dcdc264414
commit a37c1fb011
3 changed files with 15 additions and 236 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

233
srcpkgs/ghostscript/patches/CVE-2021-3781.patch
View file

@ -1,233 +0,0 @@
https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=a9bd3dec9fde
From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Tue, 7 Sep 2021 20:36:12 +0100
Subject: [PATCH] Bug 704342: Include device specifier strings in access
validation
for the "%pipe%", %handle%" and %printer% io devices.
We previously validated only the part after the "%pipe%" Postscript device
specifier, but this proved insufficient.
This rebuilds the original file name string, and validates it complete. The
slight complication for "%pipe%" is it can be reached implicitly using
"|" so we have to check both prefixes.
Addresses CVE-2021-3781
---
base/gdevpipe.c | 22 +++++++++++++++-
base/gp_mshdl.c | 11 +++++++-
base/gp_msprn.c | 10 ++++++-
base/gp_os2pr.c | 13 +++++++++-
base/gslibctx.c | 69 ++++++++++---------------------------------------
5 files changed, 65 insertions(+), 60 deletions(-)
diff --git a/base/gdevpipe.c b/base/gdevpipe.c
index 96d71f5d8..5bdc485be 100644
--- a/base/gdevpipe.c
+++ b/base/gdevpipe.c
@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
#else
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ /* The pipe device can be reached in two ways, explicltly with %pipe%
+ or implicitly with "|", so we have to check for both
+ */
+ char f[gp_file_name_sizeof];
+ const char *pipestr = "|";
+ const size_t pipestrlen = strlen(pipestr);
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
+ int code1;
+
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(f, iodev->dname, preflen);
+ memcpy(f + preflen, fname, nlen + 1);
+
+ code1 = gp_validate_path(mem, f, access);
+
+ memcpy(f, pipestr, pipestrlen);
+ memcpy(f + pipestrlen, fname, nlen + 1);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
return gs_error_invalidfileaccess;
/*
diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
index 2b964ed74..8d87ceadc 100644
--- a/base/gp_mshdl.c
+++ b/base/gp_mshdl.c
@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
long hfile; /* Correct for Win32, may be wrong for Win64 */
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ char f[gp_file_name_sizeof];
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(f, iodev->dname, preflen);
+ memcpy(f + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, f, access) != 0)
return gs_error_invalidfileaccess;
/* First we try the open_handle method. */
diff --git a/base/gp_msprn.c b/base/gp_msprn.c
index ed4827968..746a974f7 100644
--- a/base/gp_msprn.c
+++ b/base/gp_msprn.c
@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(pname, iodev->dname, preflen);
+ memcpy(pname + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, pname, access) != 0)
return gs_error_invalidfileaccess;
/* First we try the open_printer method. */
diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
index f852c71fc..ba54cde66 100644
--- a/base/gp_os2pr.c
+++ b/base/gp_os2pr.c
@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
FILE ** pfile, char *rfname, uint rnamelen)
{
os2_printer_t *pr = (os2_printer_t *)iodev->state;
- char driver_name[256];
+ char driver_name[gp_file_name_sizeof];
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ const size_t preflen = strlen(iodev->dname);
+ const int size_t = strlen(fname);
+
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(driver_name, iodev->dname, preflen);
+ memcpy(driver_name + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, driver_name, access) != 0)
+ return gs_error_invalidfileaccess;
/* First we try the open_printer method. */
/* Note that the loop condition here ensures we don't
diff --git a/base/gslibctx.c b/base/gslibctx.c
index 6dfed6cd5..318039fad 100644
--- a/base/gslibctx.c
+++ b/base/gslibctx.c
@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
int
gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
{
- char *fp, f[gp_file_name_sizeof];
- const int pipe = 124; /* ASCII code for '|' */
- const int len = strlen(fname);
- int i, code;
+ char f[gp_file_name_sizeof];
+ int code;
/* Be sure the string copy will fit */
- if (len >= gp_file_name_sizeof)
+ if (strlen(fname) >= gp_file_name_sizeof)
return gs_error_rangecheck;
strcpy(f, fname);
- fp = f;
/* Try to rewrite any %d (or similar) in the string */
rewrite_percent_specifiers(f);
- for (i = 0; i < len; i++) {
- if (f[i] == pipe) {
- fp = &f[i + 1];
- /* Because we potentially have to check file permissions at two levels
- for the output file (gx_device_open_output_file and the low level
- fopen API, if we're using a pipe, we have to add both the full string,
- (including the '|', and just the command to which we pipe - since at
- the pipe_fopen(), the leading '|' has been stripped.
- */
- code = gs_add_control_path(mem, gs_permit_file_writing, f);
- if (code < 0)
- return code;
- code = gs_add_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
- break;
- }
- if (!IS_WHITESPACE(f[i]))
- break;
- }
- code = gs_add_control_path(mem, gs_permit_file_control, fp);
+
+ code = gs_add_control_path(mem, gs_permit_file_control, f);
if (code < 0)
return code;
- return gs_add_control_path(mem, gs_permit_file_writing, fp);
+ return gs_add_control_path(mem, gs_permit_file_writing, f);
}
int
gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
{
- char *fp, f[gp_file_name_sizeof];
- const int pipe = 124; /* ASCII code for '|' */
- const int len = strlen(fname);
- int i, code;
+ char f[gp_file_name_sizeof];
+ int code;
/* Be sure the string copy will fit */
- if (len >= gp_file_name_sizeof)
+ if (strlen(fname) >= gp_file_name_sizeof)
return gs_error_rangecheck;
strcpy(f, fname);
- fp = f;
/* Try to rewrite any %d (or similar) in the string */
- for (i = 0; i < len; i++) {
- if (f[i] == pipe) {
- fp = &f[i + 1];
- /* Because we potentially have to check file permissions at two levels
- for the output file (gx_device_open_output_file and the low level
- fopen API, if we're using a pipe, we have to add both the full string,
- (including the '|', and just the command to which we pipe - since at
- the pipe_fopen(), the leading '|' has been stripped.
- */
- code = gs_remove_control_path(mem, gs_permit_file_writing, f);
- if (code < 0)
- return code;
- code = gs_remove_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
- break;
- }
- if (!IS_WHITESPACE(f[i]))
- break;
- }
- code = gs_remove_control_path(mem, gs_permit_file_control, fp);
+ rewrite_percent_specifiers(f);
+
+ code = gs_remove_control_path(mem, gs_permit_file_control, f);
if (code < 0)
return code;
- return gs_remove_control_path(mem, gs_permit_file_writing, fp);
+ return gs_remove_control_path(mem, gs_permit_file_writing, f);
}
int
--
2.17.1

11
srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch Normal file
View file

@ -0,0 +1,11 @@
--- ./base/gsicc_lcms2.c.jlg 2021-09-27 03:44:02.000000000 -0400
+++ ./base/gsicc_lcms2.c 2021-10-05 10:50:03.428000000 -0400
@@ -462,7 +462,7 @@
gscms_transform_color(gx_device *dev, gsicc_link_t *icclink, void *inputcolor,
void *outputcolor, int num_bytes)
{
- return gscms_transformm_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
+ return gscms_transform_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
}
int

7
srcpkgs/ghostscript/template
View file

@ -1,7 +1,7 @@
# Template file for 'ghostscript'
pkgname=ghostscript
version=9.54.0
revision=2
version=9.55.0
revision=1
hostmakedepends="automake libtool pkg-config"
makedepends="$(vopt_if cups cups-devel) dbus-devel fontconfig-devel jasper-devel jbig2dec-devel
lcms2-devel libXext-devel libXt-devel libopenjpeg2-devel libpaper-devel"
@ -10,8 +10,9 @@ short_desc="Interpreter for the PostScript language"
maintainer="Orphaned <orphan@voidlinux.org>"
license="AGPL-3.0-or-later, CPL-1.0"
homepage="https://www.ghostscript.com/"
changelog="https://www.ghostscript.com/doc/${version}/News.htm"
distfiles="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${version//./}/ghostscript-${version}.tar.xz"
checksum=c2b7b43cde600f4e70efb2cd95865f6d884a67315c3de235914697d8ccde6e3b
checksum=6ee3057773646d6a2c6d117eb53a17d6752feadc513828e4322f68b7b7789ff6
build_options="cups"
build_options_default="cups"