Accepting request 614286 from home:jsmeix:branches:Printing

CVE-2018-10194.patch fixes stack-based buffer overflow (bsc#1090099) OBS-URL: https://build.opensuse.org/request/show/614286 OBS-URL: https://build.opensuse.org/package/show/Printing/ghostscript?expand=0&rev=91
2018-06-05 13:32:09 +00:00 · 2018-06-05 13:32:09 +00:00 · 1829075053
commit 1829075053
parent dc0a03b301
5 changed files with 54 additions and 0 deletions
--- a/CVE-2018-10194.patch
+++ b/CVE-2018-10194.patch
@ -0,0 +1,18 @@
 --- devices/vector/gdevpdts.c.orig	2018-03-21 09:48:06.000000000 +0100
 +++ devices/vector/gdevpdts.c	2018-06-05 14:39:39.000000000 +0200
@@ -103,9 +103,14 @@ append_text_move(pdf_text_state_t *pts,
 static int
 set_text_distance(gs_point *pdist, double dx, double dy, const gs_matrix *pmat)
 {
 -    int code = gs_distance_transform_inverse(dx, dy, pmat, pdist);
 +    int code;
     double rounded;
 +    if (dx > 1e38 || dy > 1e38)
 +        code = gs_error_undefinedresult;
 +    else
 +        code = gs_distance_transform_inverse(dx, dy, pmat, pdist);
 +
     if (code == gs_error_undefinedresult) {
         /* The CTM is degenerate.
            Can't know the distance in user space.
--- a/ghostscript-mini.changes
+++ b/ghostscript-mini.changes
@ -1,3 +1,11 @@
 -------------------------------------------------------------------
 Tue Jun  5 14:47:59 CEST 2018 - jsmeix@suse.de
 - CVE-2018-10194.patch fixes stack-based buffer overflow
  in gdevpdts.c (bsc#1090099), see
  https://bugs.ghostscript.com/show_bug.cgi?id=699255 and
  http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
 -------------------------------------------------------------------
 Thu Mar 22 12:51:39 CET 2018 - jsmeix@suse.de
--- a/ghostscript-mini.spec
+++ b/ghostscript-mini.spec
@ -79,6 +79,11 @@ Patch12:        fix_ln_docdir_gsdatadir.patch
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
 # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball:
 Patch100:       remove-zlib-h-dependency.patch
 # Patch101 fixes stack-based buffer overflow in gdevpdts.c
 # see https://bugzilla.suse.com/show_bug.cgi?id=1090099
 # and https://bugs.ghostscript.com/show_bug.cgi?id=699255
 # and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
 Patch101:       CVE-2018-10194.patch
 # RPM dependencies:
 Conflicts:      ghostscript
 Conflicts:      ghostscript-x11
@ -149,6 +154,11 @@ This package contains the development files for Minimal Ghostscript.
 # and disable remove-zlib-h-dependency.patch because
 # Ghostscript 9.21 does no longer build this way:
 #patch100 -p1 -b remove-zlib-h-dependency.orig
 # Patch101 fixes stack-based buffer overflow in gdevpdts.c
 # see https://bugzilla.suse.com/show_bug.cgi?id=1090099
 # and https://bugs.ghostscript.com/show_bug.cgi?id=699255
 # and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
 %patch101 -b CVE-2018-10194.orig
 # Remove patch backup files to avoid packaging
 # cf. https://build.opensuse.org/request/show/581052
 rm -f Resource/Init/*.ps.orig
--- a/ghostscript.changes
+++ b/ghostscript.changes
@ -1,3 +1,11 @@
 -------------------------------------------------------------------
 Tue Jun  5 14:47:59 CEST 2018 - jsmeix@suse.de
 - CVE-2018-10194.patch fixes stack-based buffer overflow
  in gdevpdts.c (bsc#1090099), see
  https://bugs.ghostscript.com/show_bug.cgi?id=699255 and
  http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
 -------------------------------------------------------------------
 Thu Mar 22 12:51:39 CET 2018 - jsmeix@suse.de
--- a/ghostscript.spec
+++ b/ghostscript.spec
@ -99,6 +99,11 @@ Patch12:        fix_ln_docdir_gsdatadir.patch
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
 # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball:
 Patch100:       remove-zlib-h-dependency.patch
 # Patch101 fixes stack-based buffer overflow in gdevpdts.c
 # see https://bugzilla.suse.com/show_bug.cgi?id=1090099
 # and https://bugs.ghostscript.com/show_bug.cgi?id=699255
 # and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
 Patch101:       CVE-2018-10194.patch
 # RPM dependencies:
 # Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from
 # "rpm -q --provides ghostscript-library" and "rpm -q --provides ghostscript-x11":
@ -285,6 +290,11 @@ This package contains the development files for Ghostscript.
 # and disable remove-zlib-h-dependency.patch because
 # Ghostscript 9.21 does no longer build this way:
 #patch100 -p1 -b remove-zlib-h-dependency.orig
 # Patch101 fixes stack-based buffer overflow in gdevpdts.c
 # see https://bugzilla.suse.com/show_bug.cgi?id=1090099
 # and https://bugs.ghostscript.com/show_bug.cgi?id=699255
 # and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
 %patch101 -b CVE-2018-10194.orig
 # Remove patch backup files to avoid packaging
 # cf. https://build.opensuse.org/request/show/581052
 rm -f Resource/Init/*.ps.orig