/[packages]/updates/5/ghostscript/current/SOURCES/ghostscript-9.20-cve-2017-9612.patch
ViewVC logotype

Contents of /updates/5/ghostscript/current/SOURCES/ghostscript-9.20-cve-2017-9612.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1160897 - (show annotations) (download)
Thu Sep 28 09:45:10 2017 UTC (22 months, 3 weeks ago) by ns80
File size: 762 byte(s)
- add patches for CVE-2017-9611, CVE-2017-9612, CVE-2017-9726, CVE-2017-9727, CVE-2017-9739, CVE-2017-9835, CVE-2017-11714 (mga#21630)

1 From 98f6da60b9d463c617e631fc254cf6d66f2e8e3c Mon Sep 17 00:00:00 2001
2 From: Chris Liddell <chris.liddell@artifex.com>
3 Date: Mon, 12 Jun 2017 13:15:17 +0100
4 Subject: [PATCH] Bug 698026: bounds check zone pointers in Ins_IP()
5
6 ---
7 base/ttinterp.c | 4 +++-
8 1 file changed, 3 insertions(+), 1 deletion(-)
9
10 diff --git a/base/ttinterp.c b/base/ttinterp.c
11 index f6a6d95..e7c9d68 100644
12 --- a/base/ttinterp.c
13 +++ b/base/ttinterp.c
14 @@ -4129,7 +4129,9 @@ static int nInstrCount=0;
15 Int point;
16 (void)args;
17
18 - if ( CUR.top < CUR.GS.loop )
19 + if ( CUR.top < CUR.GS.loop ||
20 + BOUNDS(CUR.GS.rp1, CUR.zp0.n_points) ||
21 + BOUNDS(CUR.GS.rp2, CUR.zp1.n_points))
22 {
23 CUR.error = TT_Err_Invalid_Reference;
24 return;
25 --
26 2.9.1
27

  ViewVC Help
Powered by ViewVC 1.1.26