On Thu, 2013-07-04 at 13:51 +0200, Jonas Smedegaard wrote: > I will now prepare a 9.05~dfsg-8 release for Sid with this bugfix > applied.
Updated the spu to include both patches, see attached. -- bye, pabs http://wiki.debian.org/PaulWise
diff -Nru ghostscript-9.05~dfsg/debian/changelog ghostscript-9.05~dfsg/debian/changelog --- ghostscript-9.05~dfsg/debian/changelog 2012-11-26 03:23:28.000000000 +1030 +++ ghostscript-9.05~dfsg/debian/changelog 2013-07-05 15:02:48.000000000 +0930 @@ -1,3 +1,10 @@ +ghostscript (9.05~dfsg-6.3+deb7u1) wheezy; urgency=low + + * Add patches to fix endless loops related to unbalanced q/Q + operators. (Closes: #714247) + + -- Paul Wise <p...@debian.org> Mon, 01 Jul 2013 23:28:32 +0930 + ghostscript (9.05~dfsg-6.3) unstable; urgency=low * Non-maintainer upload. diff -Nru ghostscript-9.05~dfsg/debian/patches/020120909~3a56f4e.patch ghostscript-9.05~dfsg/debian/patches/020120909~3a56f4e.patch --- ghostscript-9.05~dfsg/debian/patches/020120909~3a56f4e.patch 1970-01-01 09:30:00.000000000 +0930 +++ ghostscript-9.05~dfsg/debian/patches/020120909~3a56f4e.patch 2013-07-05 14:57:27.000000000 +0930 @@ -0,0 +1,23 @@ +Description: Correctly restore PS stack when PDF stream run aborts. + Fix "File has unbalanced q/Q operators (too many Q's)" endless loop. +Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3a56f4e +Author: Alex Cherepanov <alex.cherepa...@artifex.com> +Forwarded: yes +Bug: http://bugs.ghostscript.com/show_bug.cgi?id=693045 +Bug-Debian: http://bugs.debian.org/714247 +Last-Update: 2013-07-04 + +--- a/Resource/Init/pdf_draw.ps ++++ b/Resource/Init/pdf_draw.ps +@@ -1746,9 +1746,8 @@ + ] cvx /PaintProc exch put + % Adjust pdfemptycount since we have an extra dictionary on the stack + pdfemptycount countdictstack 3 -1 roll +- /pdfemptycount count 2 sub store +- q execform % gsave / grestore around the Form +- ++ /pdfemptycount count 3 sub store ++ /q cvx /execform cvx 5 -2 roll 4 .execn + % Restore pdfemptycount + 0 + { countdictstack diff -Nru ghostscript-9.05~dfsg/debian/patches/020130619~daceba6.patch ghostscript-9.05~dfsg/debian/patches/020130619~daceba6.patch --- ghostscript-9.05~dfsg/debian/patches/020130619~daceba6.patch 1970-01-01 09:30:00.000000000 +0930 +++ ghostscript-9.05~dfsg/debian/patches/020130619~daceba6.patch 2013-07-05 14:57:32.000000000 +0930 @@ -0,0 +1,59 @@ +Description: PDF interpreter - ignore invalid /DecodeParams for streams + Fix "File has unbalanced q/Q operators (too many Q's)" endless loop. + . + The PDF file is invalid, it has a /Filters array with 2 elements, and a + /DecodeParams array with 1 element. The DecodeParams array must have + either the same number of elements as the Filters, or not be present + (default). + . + We now test the length of each array and ignore the DecodeParams if the + lengths are not the same (as we have no way to know which Params relate + to which Filter) +Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=daceba6 +Author: Ken Sharp <ken.sh...@artifex.com> +Forwarded: yes +Bug: http://bugs.ghostscript.com/show_bug.cgi?id=694353 +Bug-Debian: http://bugs.debian.org/714247 +Last-Update: 2013-07-04 + +--- a/Resource/Init/pdf_base.ps ++++ b/Resource/Init/pdf_base.ps +@@ -969,16 +969,30 @@ + currentdict /pdf_rules_dict undef + + /applyfilters { % <parms> <source> <filternames> applyfilters <stream> +- 2 index //null eq { ++ 2 index //null eq ++ { + { filtername add_A85_param filter } +- } { +- { % Stack: parms source filtername +- 2 index 0 oget dup type /dicttype ne { pop } { +- exch filtername dup /JBIG2Decode eq { exch jbig2cachectx exch } if +- } ifelse add_A85_param filter +- exch dup length 1 sub 1 exch getinterval exch ++ } ++ { ++ dup length 3 index length ne %% compare lengths of DecodeParmas and Filter arrays ++ { %% if they aren't the same, ignore the decode params ++ ( **** Warning: ignoring stream /DecodeParams array as its length is different to the Filters array.\n) pdfformaterror ++ 3 -1 roll pop //null 3 1 roll ++ { filtername add_A85_param filter } + } +- } ifelse forall exch pop ++ { ++ { % Stack: parms source filtername ++ 2 index 0 oget dup type /dicttype ne ++ { pop } ++ { ++ exch filtername dup /JBIG2Decode eq { exch jbig2cachectx exch } if ++ } ifelse ++ add_A85_param filter ++ exch dup length 1 sub 1 exch getinterval exch ++ } ++ } ifelse ++ } ifelse ++ forall exch pop + } bind def + + % JBIG2 streams have an optional 'globals' stream obj for diff -Nru ghostscript-9.05~dfsg/debian/patches/series ghostscript-9.05~dfsg/debian/patches/series --- ghostscript-9.05~dfsg/debian/patches/series 2012-11-26 02:18:34.000000000 +1030 +++ ghostscript-9.05~dfsg/debian/patches/series 2013-07-05 14:57:32.000000000 +0930 @@ -8,3 +8,5 @@ 2002_gs_man_fix_debian.patch 2003_support_multiarch.patch CVE-2012-4405.patch +020130619~daceba6.patch +020120909~3a56f4e.patch
signature.asc
Description: This is a digitally signed message part
