NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/ghostscript: bump to version 9.55.0

Browse Source 
- Drop patches (already in version)
- Disable pdf which fails to build and was added by
  https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=316c3a08269212f1005709da64efcb383f8f5ce0
- Update hash of license file (references on ETS related patents removed
  with
  https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=431167121968b066d90b0506347b6eb779e08a3f)

https://www.ghostscript.com/doc/9.54.0/News.htm
https://www.ghostscript.com/doc/9.55.0/News.htm

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit is contained in:
Fabrice Fontaine 2022-01-15 15:39:00 +01:00 committed by Arnout Vandecappelle (Essensium/Mind)
parent 8ef413b59a
commit 7a4944569c
7 changed files with 33 additions and 422 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch Normal file
View File

@ -0,0 +1,28 @@
From 830afae5454dea3bff903869d82022306890a96c Mon Sep 17 00:00:00 2001
From: Robin Watts <Robin.Watts@artifex.com>
Date: Fri, 1 Oct 2021 12:44:44 +0100
Subject: [PATCH] Bug 704405: Fix typo in non-forked lcms2 code.
[Retrieved from:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=830afae5454dea3bff903869d82022306890a96c]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
base/gsicc_lcms2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/base/gsicc_lcms2.c b/base/gsicc_lcms2.c
index ccf1d7051..9badb6dee 100644
--- a/base/gsicc_lcms2.c
+++ b/base/gsicc_lcms2.c
@@ -462,7 +462,7 @@ int
gscms_transform_color(gx_device *dev, gsicc_link_t *icclink, void *inputcolor,
void *outputcolor, int num_bytes)
{
- return gscms_transformm_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
+ return gscms_transform_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
}
int
--
2.25.1

55
package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch
View File

@ -1,55 +0,0 @@
From 41ef9a0bc36b9db7115fbe9623f989bfb47bbade Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Tue, 20 Oct 2020 09:49:45 +0100
Subject: [PATCH] Bug 702985: drop use of FT_CALLBACK_DEF() def
From 2.10.3, Freetype disappeared the FT_CALLBACK_DEF() macro, which is what
we used when defining our callbacks from Freetype.
No guidance forthcoming from the Freetype developer who made those changes,
so change to explicitly declaring the callbacks file static.
Should fix the reported build failures.
Downloaded from upstream commit:
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=41ef9a0bc36b
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
base/fapi_ft.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/base/fapi_ft.c b/base/fapi_ft.c
index 65fa6dcf4..21aef2f06 100644
--- a/base/fapi_ft.c
+++ b/base/fapi_ft.c
@@ -125,7 +125,7 @@ static void
delete_inc_int_info(gs_fapi_server * a_server,
FT_IncrementalRec * a_inc_int_info);
-FT_CALLBACK_DEF(void *)
+static void *
FF_alloc(FT_Memory memory, long size)
{
gs_memory_t *mem = (gs_memory_t *) memory->user;
@@ -133,7 +133,7 @@ FF_alloc(FT_Memory memory, long size)
return (gs_malloc(mem, size, 1, "FF_alloc"));
}
-FT_CALLBACK_DEF(void *)
+static void *
FF_realloc(FT_Memory memory, long cur_size, long new_size, void *block)
{
gs_memory_t *mem = (gs_memory_t *) memory->user;
@@ -153,7 +153,7 @@ FT_CALLBACK_DEF(void *)
return (tmp);
}
-FT_CALLBACK_DEF(void)
+static void
FF_free(FT_Memory memory, void *block)
{
gs_memory_t *mem = (gs_memory_t *) memory->user;
--
2.17.1

234
package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
View File

@ -1,234 +0,0 @@
From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Tue, 7 Sep 2021 20:36:12 +0100
Subject: [PATCH] Bug 704342: Include device specifier strings in access
validation
for the "%pipe%", %handle%" and %printer% io devices.
We previously validated only the part after the "%pipe%" Postscript device
specifier, but this proved insufficient.
This rebuilds the original file name string, and validates it complete. The
slight complication for "%pipe%" is it can be reached implicitly using
"|" so we have to check both prefixes.
Addresses CVE-2021-3781
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
base/gdevpipe.c | 22 +++++++++++++++-
base/gp_mshdl.c | 11 +++++++-
base/gp_msprn.c | 10 ++++++-
base/gp_os2pr.c | 13 +++++++++-
base/gslibctx.c | 69 ++++++++++---------------------------------------
5 files changed, 65 insertions(+), 60 deletions(-)
diff --git a/base/gdevpipe.c b/base/gdevpipe.c
index 96d71f5d8..5bdc485be 100644
--- a/base/gdevpipe.c
+++ b/base/gdevpipe.c
@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
#else
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ /* The pipe device can be reached in two ways, explicltly with %pipe%
+ or implicitly with "|", so we have to check for both
+ */
+ char f[gp_file_name_sizeof];
+ const char *pipestr = "|";
+ const size_t pipestrlen = strlen(pipestr);
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
+ int code1;
+
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(f, iodev->dname, preflen);
+ memcpy(f + preflen, fname, nlen + 1);
+
+ code1 = gp_validate_path(mem, f, access);
+
+ memcpy(f, pipestr, pipestrlen);
+ memcpy(f + pipestrlen, fname, nlen + 1);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
return gs_error_invalidfileaccess;
/*
diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
index 2b964ed74..8d87ceadc 100644
--- a/base/gp_mshdl.c
+++ b/base/gp_mshdl.c
@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
long hfile; /* Correct for Win32, may be wrong for Win64 */
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ char f[gp_file_name_sizeof];
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(f, iodev->dname, preflen);
+ memcpy(f + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, f, access) != 0)
return gs_error_invalidfileaccess;
/* First we try the open_handle method. */
diff --git a/base/gp_msprn.c b/base/gp_msprn.c
index ed4827968..746a974f7 100644
--- a/base/gp_msprn.c
+++ b/base/gp_msprn.c
@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ const size_t preflen = strlen(iodev->dname);
+ const size_t nlen = strlen(fname);
- if (gp_validate_path(mem, fname, access) != 0)
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(pname, iodev->dname, preflen);
+ memcpy(pname + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, pname, access) != 0)
return gs_error_invalidfileaccess;
/* First we try the open_printer method. */
diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
index f852c71fc..ba54cde66 100644
--- a/base/gp_os2pr.c
+++ b/base/gp_os2pr.c
@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
FILE ** pfile, char *rfname, uint rnamelen)
{
os2_printer_t *pr = (os2_printer_t *)iodev->state;
- char driver_name[256];
+ char driver_name[gp_file_name_sizeof];
gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
gs_fs_list_t *fs = ctx->core->fs;
+ const size_t preflen = strlen(iodev->dname);
+ const int size_t = strlen(fname);
+
+ if (preflen + nlen >= gp_file_name_sizeof)
+ return_error(gs_error_invalidaccess);
+
+ memcpy(driver_name, iodev->dname, preflen);
+ memcpy(driver_name + preflen, fname, nlen + 1);
+
+ if (gp_validate_path(mem, driver_name, access) != 0)
+ return gs_error_invalidfileaccess;
/* First we try the open_printer method. */
/* Note that the loop condition here ensures we don't
diff --git a/base/gslibctx.c b/base/gslibctx.c
index 6dfed6cd5..318039fad 100644
--- a/base/gslibctx.c
+++ b/base/gslibctx.c
@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
int
gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
{
- char *fp, f[gp_file_name_sizeof];
- const int pipe = 124; /* ASCII code for '|' */
- const int len = strlen(fname);
- int i, code;
+ char f[gp_file_name_sizeof];
+ int code;
/* Be sure the string copy will fit */
- if (len >= gp_file_name_sizeof)
+ if (strlen(fname) >= gp_file_name_sizeof)
return gs_error_rangecheck;
strcpy(f, fname);
- fp = f;
/* Try to rewrite any %d (or similar) in the string */
rewrite_percent_specifiers(f);
- for (i = 0; i < len; i++) {
- if (f[i] == pipe) {
- fp = &f[i + 1];
- /* Because we potentially have to check file permissions at two levels
- for the output file (gx_device_open_output_file and the low level
- fopen API, if we're using a pipe, we have to add both the full string,
- (including the '|', and just the command to which we pipe - since at
- the pipe_fopen(), the leading '|' has been stripped.
- */
- code = gs_add_control_path(mem, gs_permit_file_writing, f);
- if (code < 0)
- return code;
- code = gs_add_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
- break;
- }
- if (!IS_WHITESPACE(f[i]))
- break;
- }
- code = gs_add_control_path(mem, gs_permit_file_control, fp);
+
+ code = gs_add_control_path(mem, gs_permit_file_control, f);
if (code < 0)
return code;
- return gs_add_control_path(mem, gs_permit_file_writing, fp);
+ return gs_add_control_path(mem, gs_permit_file_writing, f);
}
int
gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
{
- char *fp, f[gp_file_name_sizeof];
- const int pipe = 124; /* ASCII code for '|' */
- const int len = strlen(fname);
- int i, code;
+ char f[gp_file_name_sizeof];
+ int code;
/* Be sure the string copy will fit */
- if (len >= gp_file_name_sizeof)
+ if (strlen(fname) >= gp_file_name_sizeof)
return gs_error_rangecheck;
strcpy(f, fname);
- fp = f;
/* Try to rewrite any %d (or similar) in the string */
- for (i = 0; i < len; i++) {
- if (f[i] == pipe) {
- fp = &f[i + 1];
- /* Because we potentially have to check file permissions at two levels
- for the output file (gx_device_open_output_file and the low level
- fopen API, if we're using a pipe, we have to add both the full string,
- (including the '|', and just the command to which we pipe - since at
- the pipe_fopen(), the leading '|' has been stripped.
- */
- code = gs_remove_control_path(mem, gs_permit_file_writing, f);
- if (code < 0)
- return code;
- code = gs_remove_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
- break;
- }
- if (!IS_WHITESPACE(f[i]))
- break;
- }
- code = gs_remove_control_path(mem, gs_permit_file_control, fp);
+ rewrite_percent_specifiers(f);
+
+ code = gs_remove_control_path(mem, gs_permit_file_control, f);
if (code < 0)
return code;
- return gs_remove_control_path(mem, gs_permit_file_writing, fp);
+ return gs_remove_control_path(mem, gs_permit_file_writing, f);
}
int
--
2.20.1

52
package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
View File

@ -1,52 +0,0 @@
From 7861fcad13c497728189feafb41cd57b5b50ea25 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Fri, 12 Feb 2021 10:34:23 +0000
Subject: [PATCH] oss-fuzz 30715: Check stack limits after function evaluation.
During function result sampling, after the callout to the Postscript
interpreter, make sure there is enough stack space available before pushing
or popping entries.
In thise case, the Postscript procedure for the "function" is totally invalid
(as a function), and leaves the op stack in an unrecoverable state (as far as
function evaluation is concerned). We end up popping more entries off the
stack than are available.
To cope, add in stack limit checking to throw an appropriate error when this
happens.
[Retrieved from:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7861fcad13c497728189feafb41cd57b5b50ea25]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
psi/zfsample.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/psi/zfsample.c b/psi/zfsample.c
index 290809405..652ae02c6 100644
--- a/psi/zfsample.c
+++ b/psi/zfsample.c
@@ -551,9 +551,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
} else {
if (stack_depth_adjust) {
stack_depth_adjust -= num_out;
- push(O_STACK_PAD - stack_depth_adjust);
- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
- make_null(op - i);
+ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
+ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
+ check_op(stack_depth_adjust);
+ pop(stack_depth_adjust);
+ }
+ else {
+ check_ostack(O_STACK_PAD - stack_depth_adjust);
+ push(O_STACK_PAD - stack_depth_adjust);
+ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
+ make_null(op - i);
+ }
}
}
--
2.25.1

68
package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
View File

@ -1,68 +0,0 @@
From 2a3129365d3bc0d4a41f107ef175920d1505d1f7 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Tue, 1 Jun 2021 19:57:16 +0100
Subject: [PATCH] Bug 703902: Fix op stack management in
sampled_data_continue()
Replace pop() (which does no checking, and doesn't handle stack extension
blocks) with ref_stack_pop() which does do all that.
We still use pop() in one case (it's faster), but we have to later use
ref_stack_pop() before calling sampled_data_sample() which also accesses the
op stack.
Fixes:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675
[Retrieved from:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
psi/zfsample.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/psi/zfsample.c b/psi/zfsample.c
index 0e8e4bc8d..00cd0cfdd 100644
--- a/psi/zfsample.c
+++ b/psi/zfsample.c
@@ -533,15 +533,19 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
for (j = 0; j < bps; j++)
data_ptr[bps * i + j] = (byte)(cv >> ((bps - 1 - j) * 8)); /* MSB first */
}
- pop(num_out); /* Move op to base of result values */
- /* Check if we are done collecting data. */
+ pop(num_out); /* Move op to base of result values */
+ /* From here on, we have to use ref_stack_pop() rather than pop()
+ so that it handles stack extension blocks properly, before calling
+ sampled_data_sample() which also uses the op stack.
+ */
+ /* Check if we are done collecting data. */
if (increment_cube_indexes(params, penum->indexes)) {
if (stack_depth_adjust == 0)
- pop(O_STACK_PAD); /* Remove spare stack space */
+ ref_stack_pop(&o_stack, O_STACK_PAD); /* Remove spare stack space */
else
- pop(stack_depth_adjust - num_out);
+ ref_stack_pop(&o_stack, stack_depth_adjust - num_out);
/* Execute the closing procedure, if given */
code = 0;
if (esp_finish_proc != 0)
@@ -554,11 +558,11 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
if ((O_STACK_PAD - stack_depth_adjust) < 0) {
stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
check_op(stack_depth_adjust);
- pop(stack_depth_adjust);
+ ref_stack_pop(&o_stack, stack_depth_adjust);
}
else {
check_ostack(O_STACK_PAD - stack_depth_adjust);
- push(O_STACK_PAD - stack_depth_adjust);
+ ref_stack_push(&o_stack, O_STACK_PAD - stack_depth_adjust);
for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
make_null(op - i);
}
--
2.25.1

6
package/ghostscript/ghostscript.hash
View File

@ -1,5 +1,5 @@
# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9533/SHA512SUMS
sha512 c142ef9d83896aa8fd18c8e412220fe8f4950614be00d327d27ab051fe85e16524bf2ee00f46c2aca7a352ce47bc3acf2c4de0f7bbea7e4c55474b8af6cdc0a6 ghostscript-9.53.3.tar.gz
# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9550/SHA512SUMS
sha512 3646b7981dced443559ba97c74c08463139e86a5479661e4dcd217c51e3f8e766da9cf4d7889a98ba3c079a17e9e5b452cc765b633e0720deab2337e77efdd09 ghostscript-9.55.0.tar.gz
# Hash for license file:
sha256 6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2 LICENSE
sha256 8ce064f423b7c24a011b6ebf9431b8bf9861a5255e47c84bfb23fc526d030a8b LICENSE

12
package/ghostscript/ghostscript.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
GHOSTSCRIPT_VERSION = 9.53.3
GHOSTSCRIPT_VERSION = 9.55.0
GHOSTSCRIPT_SITE = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs$(subst .,,$(GHOSTSCRIPT_VERSION))
GHOSTSCRIPT_LICENSE = AGPL-3.0
GHOSTSCRIPT_LICENSE_FILES = LICENSE
@ -21,15 +21,6 @@ GHOSTSCRIPT_DEPENDENCIES = \
libpng \
tiff
# 0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
GHOSTSCRIPT_IGNORE_CVES += CVE-2021-3781
# 0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
GHOSTSCRIPT_IGNORE_CVES += CVE-2021-45944
# 0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
GHOSTSCRIPT_IGNORE_CVES += CVE-2021-45949
# Ghostscript includes (old) copies of several libraries, delete them.
# Inspired by linuxfromscratch:
# http://www.linuxfromscratch.org/blfs/view/svn/pst/gs.html
@ -52,6 +43,7 @@ GHOSTSCRIPT_CONF_OPTS = \
--enable-freetype \
--disable-gtk \
--without-libpaper \
--without-pdf \
--with-system-libtiff
ifeq ($(BR2_PACKAGE_JBIG2DEC),y)