* [Buildroot] [PATCH 1/1] package/ghostscript: bump to version 9.55.0
@ 2022-01-15 14:39 Fabrice Fontaine
2022-02-03 20:43 ` Arnout Vandecappelle
0 siblings, 1 reply; 2+ messages in thread
From: Fabrice Fontaine @ 2022-01-15 14:39 UTC (permalink / raw)
To: buildroot; +Cc: Bernd Kuhls, Fabrice Fontaine
- Drop patches (already in version)
- Disable pdf which fails to build and was added by
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=316c3a08269212f1005709da64efcb383f8f5ce0
- Update hash of license file (references on ETS related patents removed
with
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=431167121968b066d90b0506347b6eb779e08a3f)
https://www.ghostscript.com/doc/9.54.0/News.htm
https://www.ghostscript.com/doc/9.55.0/News.htm
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
...05-Fix-typo-in-non-forked-lcms2-code.patch | 28 +++
...g-702985-drop-use-of-FT_CALLBACK_DEF.patch | 55 ----
...de-device-specifier-strings-in-acces.patch | 234 ------------------
...ack-limits-after-function-evaluation.patch | 52 ----
...-management-in-sampled_data_continue.patch | 68 -----
package/ghostscript/ghostscript.hash | 6 +-
package/ghostscript/ghostscript.mk | 12 +-
7 files changed, 33 insertions(+), 422 deletions(-)
create mode 100644 package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch
delete mode 100644 package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch
delete mode 100644 package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
delete mode 100644 package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
delete mode 100644 package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
diff --git a/package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch b/package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch
new file mode 100644
index 0000000000..bb1227f687
--- /dev/null
+++ b/package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch
@@ -0,0 +1,28 @@
+From 830afae5454dea3bff903869d82022306890a96c Mon Sep 17 00:00:00 2001
+From: Robin Watts <Robin.Watts@artifex.com>
+Date: Fri, 1 Oct 2021 12:44:44 +0100
+Subject: [PATCH] Bug 704405: Fix typo in non-forked lcms2 code.
+
+[Retrieved from:
+https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=830afae5454dea3bff903869d82022306890a96c]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ base/gsicc_lcms2.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/base/gsicc_lcms2.c b/base/gsicc_lcms2.c
+index ccf1d7051..9badb6dee 100644
+--- a/base/gsicc_lcms2.c
++++ b/base/gsicc_lcms2.c
+@@ -462,7 +462,7 @@ int
+ gscms_transform_color(gx_device *dev, gsicc_link_t *icclink, void *inputcolor,
+ void *outputcolor, int num_bytes)
+ {
+- return gscms_transformm_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
++ return gscms_transform_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
+ }
+
+ int
+--
+2.25.1
+
diff --git a/package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch b/package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch
deleted file mode 100644
index 044dcc72f1..0000000000
--- a/package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 41ef9a0bc36b9db7115fbe9623f989bfb47bbade Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 20 Oct 2020 09:49:45 +0100
-Subject: [PATCH] Bug 702985: drop use of FT_CALLBACK_DEF() def
-
-From 2.10.3, Freetype disappeared the FT_CALLBACK_DEF() macro, which is what
-we used when defining our callbacks from Freetype.
-
-No guidance forthcoming from the Freetype developer who made those changes,
-so change to explicitly declaring the callbacks file static.
-
-Should fix the reported build failures.
-
-Downloaded from upstream commit:
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=41ef9a0bc36b
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
----
- base/fapi_ft.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/base/fapi_ft.c b/base/fapi_ft.c
-index 65fa6dcf4..21aef2f06 100644
---- a/base/fapi_ft.c
-+++ b/base/fapi_ft.c
-@@ -125,7 +125,7 @@ static void
- delete_inc_int_info(gs_fapi_server * a_server,
- FT_IncrementalRec * a_inc_int_info);
-
--FT_CALLBACK_DEF(void *)
-+static void *
- FF_alloc(FT_Memory memory, long size)
- {
- gs_memory_t *mem = (gs_memory_t *) memory->user;
-@@ -133,7 +133,7 @@ FF_alloc(FT_Memory memory, long size)
- return (gs_malloc(mem, size, 1, "FF_alloc"));
- }
-
--FT_CALLBACK_DEF(void *)
-+static void *
- FF_realloc(FT_Memory memory, long cur_size, long new_size, void *block)
- {
- gs_memory_t *mem = (gs_memory_t *) memory->user;
-@@ -153,7 +153,7 @@ FT_CALLBACK_DEF(void *)
- return (tmp);
- }
-
--FT_CALLBACK_DEF(void)
-+static void
- FF_free(FT_Memory memory, void *block)
- {
- gs_memory_t *mem = (gs_memory_t *) memory->user;
---
-2.17.1
-
diff --git a/package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch b/package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
deleted file mode 100644
index 81436d8228..0000000000
--- a/package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
+++ /dev/null
@@ -1,234 +0,0 @@
-From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 7 Sep 2021 20:36:12 +0100
-Subject: [PATCH] Bug 704342: Include device specifier strings in access
- validation
-
-for the "%pipe%", %handle%" and %printer% io devices.
-
-We previously validated only the part after the "%pipe%" Postscript device
-specifier, but this proved insufficient.
-
-This rebuilds the original file name string, and validates it complete. The
-slight complication for "%pipe%" is it can be reached implicitly using
-"|" so we have to check both prefixes.
-
-Addresses CVE-2021-3781
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- base/gdevpipe.c | 22 +++++++++++++++-
- base/gp_mshdl.c | 11 +++++++-
- base/gp_msprn.c | 10 ++++++-
- base/gp_os2pr.c | 13 +++++++++-
- base/gslibctx.c | 69 ++++++++++---------------------------------------
- 5 files changed, 65 insertions(+), 60 deletions(-)
-
-diff --git a/base/gdevpipe.c b/base/gdevpipe.c
-index 96d71f5d8..5bdc485be 100644
---- a/base/gdevpipe.c
-+++ b/base/gdevpipe.c
-@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
- #else
- gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
- gs_fs_list_t *fs = ctx->core->fs;
-+ /* The pipe device can be reached in two ways, explicltly with %pipe%
-+ or implicitly with "|", so we have to check for both
-+ */
-+ char f[gp_file_name_sizeof];
-+ const char *pipestr = "|";
-+ const size_t pipestrlen = strlen(pipestr);
-+ const size_t preflen = strlen(iodev->dname);
-+ const size_t nlen = strlen(fname);
-+ int code1;
-+
-+ if (preflen + nlen >= gp_file_name_sizeof)
-+ return_error(gs_error_invalidaccess);
-+
-+ memcpy(f, iodev->dname, preflen);
-+ memcpy(f + preflen, fname, nlen + 1);
-+
-+ code1 = gp_validate_path(mem, f, access);
-+
-+ memcpy(f, pipestr, pipestrlen);
-+ memcpy(f + pipestrlen, fname, nlen + 1);
-
-- if (gp_validate_path(mem, fname, access) != 0)
-+ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
- return gs_error_invalidfileaccess;
-
- /*
-diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
-index 2b964ed74..8d87ceadc 100644
---- a/base/gp_mshdl.c
-+++ b/base/gp_mshdl.c
-@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
- long hfile; /* Correct for Win32, may be wrong for Win64 */
- gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
- gs_fs_list_t *fs = ctx->core->fs;
-+ char f[gp_file_name_sizeof];
-+ const size_t preflen = strlen(iodev->dname);
-+ const size_t nlen = strlen(fname);
-
-- if (gp_validate_path(mem, fname, access) != 0)
-+ if (preflen + nlen >= gp_file_name_sizeof)
-+ return_error(gs_error_invalidaccess);
-+
-+ memcpy(f, iodev->dname, preflen);
-+ memcpy(f + preflen, fname, nlen + 1);
-+
-+ if (gp_validate_path(mem, f, access) != 0)
- return gs_error_invalidfileaccess;
-
- /* First we try the open_handle method. */
-diff --git a/base/gp_msprn.c b/base/gp_msprn.c
-index ed4827968..746a974f7 100644
---- a/base/gp_msprn.c
-+++ b/base/gp_msprn.c
-@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
- uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
- gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
- gs_fs_list_t *fs = ctx->core->fs;
-+ const size_t preflen = strlen(iodev->dname);
-+ const size_t nlen = strlen(fname);
-
-- if (gp_validate_path(mem, fname, access) != 0)
-+ if (preflen + nlen >= gp_file_name_sizeof)
-+ return_error(gs_error_invalidaccess);
-+
-+ memcpy(pname, iodev->dname, preflen);
-+ memcpy(pname + preflen, fname, nlen + 1);
-+
-+ if (gp_validate_path(mem, pname, access) != 0)
- return gs_error_invalidfileaccess;
-
- /* First we try the open_printer method. */
-diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
-index f852c71fc..ba54cde66 100644
---- a/base/gp_os2pr.c
-+++ b/base/gp_os2pr.c
-@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
- FILE ** pfile, char *rfname, uint rnamelen)
- {
- os2_printer_t *pr = (os2_printer_t *)iodev->state;
-- char driver_name[256];
-+ char driver_name[gp_file_name_sizeof];
- gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
- gs_fs_list_t *fs = ctx->core->fs;
-+ const size_t preflen = strlen(iodev->dname);
-+ const int size_t = strlen(fname);
-+
-+ if (preflen + nlen >= gp_file_name_sizeof)
-+ return_error(gs_error_invalidaccess);
-+
-+ memcpy(driver_name, iodev->dname, preflen);
-+ memcpy(driver_name + preflen, fname, nlen + 1);
-+
-+ if (gp_validate_path(mem, driver_name, access) != 0)
-+ return gs_error_invalidfileaccess;
-
- /* First we try the open_printer method. */
- /* Note that the loop condition here ensures we don't
-diff --git a/base/gslibctx.c b/base/gslibctx.c
-index 6dfed6cd5..318039fad 100644
---- a/base/gslibctx.c
-+++ b/base/gslibctx.c
-@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
- int
- gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
-- char *fp, f[gp_file_name_sizeof];
-- const int pipe = 124; /* ASCII code for '|' */
-- const int len = strlen(fname);
-- int i, code;
-+ char f[gp_file_name_sizeof];
-+ int code;
-
- /* Be sure the string copy will fit */
-- if (len >= gp_file_name_sizeof)
-+ if (strlen(fname) >= gp_file_name_sizeof)
- return gs_error_rangecheck;
- strcpy(f, fname);
-- fp = f;
- /* Try to rewrite any %d (or similar) in the string */
- rewrite_percent_specifiers(f);
-- for (i = 0; i < len; i++) {
-- if (f[i] == pipe) {
-- fp = &f[i + 1];
-- /* Because we potentially have to check file permissions at two levels
-- for the output file (gx_device_open_output_file and the low level
-- fopen API, if we're using a pipe, we have to add both the full string,
-- (including the '|', and just the command to which we pipe - since at
-- the pipe_fopen(), the leading '|' has been stripped.
-- */
-- code = gs_add_control_path(mem, gs_permit_file_writing, f);
-- if (code < 0)
-- return code;
-- code = gs_add_control_path(mem, gs_permit_file_control, f);
-- if (code < 0)
-- return code;
-- break;
-- }
-- if (!IS_WHITESPACE(f[i]))
-- break;
-- }
-- code = gs_add_control_path(mem, gs_permit_file_control, fp);
-+
-+ code = gs_add_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
-- return gs_add_control_path(mem, gs_permit_file_writing, fp);
-+ return gs_add_control_path(mem, gs_permit_file_writing, f);
- }
-
- int
- gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
-- char *fp, f[gp_file_name_sizeof];
-- const int pipe = 124; /* ASCII code for '|' */
-- const int len = strlen(fname);
-- int i, code;
-+ char f[gp_file_name_sizeof];
-+ int code;
-
- /* Be sure the string copy will fit */
-- if (len >= gp_file_name_sizeof)
-+ if (strlen(fname) >= gp_file_name_sizeof)
- return gs_error_rangecheck;
- strcpy(f, fname);
-- fp = f;
- /* Try to rewrite any %d (or similar) in the string */
-- for (i = 0; i < len; i++) {
-- if (f[i] == pipe) {
-- fp = &f[i + 1];
-- /* Because we potentially have to check file permissions at two levels
-- for the output file (gx_device_open_output_file and the low level
-- fopen API, if we're using a pipe, we have to add both the full string,
-- (including the '|', and just the command to which we pipe - since at
-- the pipe_fopen(), the leading '|' has been stripped.
-- */
-- code = gs_remove_control_path(mem, gs_permit_file_writing, f);
-- if (code < 0)
-- return code;
-- code = gs_remove_control_path(mem, gs_permit_file_control, f);
-- if (code < 0)
-- return code;
-- break;
-- }
-- if (!IS_WHITESPACE(f[i]))
-- break;
-- }
-- code = gs_remove_control_path(mem, gs_permit_file_control, fp);
-+ rewrite_percent_specifiers(f);
-+
-+ code = gs_remove_control_path(mem, gs_permit_file_control, f);
- if (code < 0)
- return code;
-- return gs_remove_control_path(mem, gs_permit_file_writing, fp);
-+ return gs_remove_control_path(mem, gs_permit_file_writing, f);
- }
-
- int
---
-2.20.1
-
diff --git a/package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch b/package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
deleted file mode 100644
index 352f1754f6..0000000000
--- a/package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 7861fcad13c497728189feafb41cd57b5b50ea25 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Fri, 12 Feb 2021 10:34:23 +0000
-Subject: [PATCH] oss-fuzz 30715: Check stack limits after function evaluation.
-
-During function result sampling, after the callout to the Postscript
-interpreter, make sure there is enough stack space available before pushing
-or popping entries.
-
-In thise case, the Postscript procedure for the "function" is totally invalid
-(as a function), and leaves the op stack in an unrecoverable state (as far as
-function evaluation is concerned). We end up popping more entries off the
-stack than are available.
-
-To cope, add in stack limit checking to throw an appropriate error when this
-happens.
-
-[Retrieved from:
-https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7861fcad13c497728189feafb41cd57b5b50ea25]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- psi/zfsample.c | 14 +++++++++++---
- 1 file changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/psi/zfsample.c b/psi/zfsample.c
-index 290809405..652ae02c6 100644
---- a/psi/zfsample.c
-+++ b/psi/zfsample.c
-@@ -551,9 +551,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
- } else {
- if (stack_depth_adjust) {
- stack_depth_adjust -= num_out;
-- push(O_STACK_PAD - stack_depth_adjust);
-- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
-- make_null(op - i);
-+ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
-+ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
-+ check_op(stack_depth_adjust);
-+ pop(stack_depth_adjust);
-+ }
-+ else {
-+ check_ostack(O_STACK_PAD - stack_depth_adjust);
-+ push(O_STACK_PAD - stack_depth_adjust);
-+ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
-+ make_null(op - i);
-+ }
- }
- }
-
---
-2.25.1
-
diff --git a/package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch b/package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
deleted file mode 100644
index 72e07df0ac..0000000000
--- a/package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 2a3129365d3bc0d4a41f107ef175920d1505d1f7 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 1 Jun 2021 19:57:16 +0100
-Subject: [PATCH] Bug 703902: Fix op stack management in
- sampled_data_continue()
-
-Replace pop() (which does no checking, and doesn't handle stack extension
-blocks) with ref_stack_pop() which does do all that.
-
-We still use pop() in one case (it's faster), but we have to later use
-ref_stack_pop() before calling sampled_data_sample() which also accesses the
-op stack.
-
-Fixes:
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675
-
-[Retrieved from:
-https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- psi/zfsample.c | 16 ++++++++++------
- 1 file changed, 10 insertions(+), 6 deletions(-)
-
-diff --git a/psi/zfsample.c b/psi/zfsample.c
-index 0e8e4bc8d..00cd0cfdd 100644
---- a/psi/zfsample.c
-+++ b/psi/zfsample.c
-@@ -533,15 +533,19 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
- for (j = 0; j < bps; j++)
- data_ptr[bps * i + j] = (byte)(cv >> ((bps - 1 - j) * 8)); /* MSB first */
- }
-- pop(num_out); /* Move op to base of result values */
-
-- /* Check if we are done collecting data. */
-+ pop(num_out); /* Move op to base of result values */
-
-+ /* From here on, we have to use ref_stack_pop() rather than pop()
-+ so that it handles stack extension blocks properly, before calling
-+ sampled_data_sample() which also uses the op stack.
-+ */
-+ /* Check if we are done collecting data. */
- if (increment_cube_indexes(params, penum->indexes)) {
- if (stack_depth_adjust == 0)
-- pop(O_STACK_PAD); /* Remove spare stack space */
-+ ref_stack_pop(&o_stack, O_STACK_PAD); /* Remove spare stack space */
- else
-- pop(stack_depth_adjust - num_out);
-+ ref_stack_pop(&o_stack, stack_depth_adjust - num_out);
- /* Execute the closing procedure, if given */
- code = 0;
- if (esp_finish_proc != 0)
-@@ -554,11 +558,11 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
- if ((O_STACK_PAD - stack_depth_adjust) < 0) {
- stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
- check_op(stack_depth_adjust);
-- pop(stack_depth_adjust);
-+ ref_stack_pop(&o_stack, stack_depth_adjust);
- }
- else {
- check_ostack(O_STACK_PAD - stack_depth_adjust);
-- push(O_STACK_PAD - stack_depth_adjust);
-+ ref_stack_push(&o_stack, O_STACK_PAD - stack_depth_adjust);
- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
- make_null(op - i);
- }
---
-2.25.1
-
diff --git a/package/ghostscript/ghostscript.hash b/package/ghostscript/ghostscript.hash
index f6cedc6198..95305a5e06 100644
--- a/package/ghostscript/ghostscript.hash
+++ b/package/ghostscript/ghostscript.hash
@@ -1,5 +1,5 @@
-# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9533/SHA512SUMS
-sha512 c142ef9d83896aa8fd18c8e412220fe8f4950614be00d327d27ab051fe85e16524bf2ee00f46c2aca7a352ce47bc3acf2c4de0f7bbea7e4c55474b8af6cdc0a6 ghostscript-9.53.3.tar.gz
+# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9550/SHA512SUMS
+sha512 3646b7981dced443559ba97c74c08463139e86a5479661e4dcd217c51e3f8e766da9cf4d7889a98ba3c079a17e9e5b452cc765b633e0720deab2337e77efdd09 ghostscript-9.55.0.tar.gz
# Hash for license file:
-sha256 6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2 LICENSE
+sha256 8ce064f423b7c24a011b6ebf9431b8bf9861a5255e47c84bfb23fc526d030a8b LICENSE
diff --git a/package/ghostscript/ghostscript.mk b/package/ghostscript/ghostscript.mk
index 9e13f29fe9..24a0c489a8 100644
--- a/package/ghostscript/ghostscript.mk
+++ b/package/ghostscript/ghostscript.mk
@@ -4,7 +4,7 @@
#
################################################################################
-GHOSTSCRIPT_VERSION = 9.53.3
+GHOSTSCRIPT_VERSION = 9.55.0
GHOSTSCRIPT_SITE = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs$(subst .,,$(GHOSTSCRIPT_VERSION))
GHOSTSCRIPT_LICENSE = AGPL-3.0
GHOSTSCRIPT_LICENSE_FILES = LICENSE
@@ -21,15 +21,6 @@ GHOSTSCRIPT_DEPENDENCIES = \
libpng \
tiff
-# 0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
-GHOSTSCRIPT_IGNORE_CVES += CVE-2021-3781
-
-# 0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
-GHOSTSCRIPT_IGNORE_CVES += CVE-2021-45944
-
-# 0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
-GHOSTSCRIPT_IGNORE_CVES += CVE-2021-45949
-
# Ghostscript includes (old) copies of several libraries, delete them.
# Inspired by linuxfromscratch:
# http://www.linuxfromscratch.org/blfs/view/svn/pst/gs.html
@@ -52,6 +43,7 @@ GHOSTSCRIPT_CONF_OPTS = \
--enable-freetype \
--disable-gtk \
--without-libpaper \
+ --without-pdf \
--with-system-libtiff
ifeq ($(BR2_PACKAGE_JBIG2DEC),y)
--
2.34.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/ghostscript: bump to version 9.55.0
2022-01-15 14:39 [Buildroot] [PATCH 1/1] package/ghostscript: bump to version 9.55.0 Fabrice Fontaine
@ 2022-02-03 20:43 ` Arnout Vandecappelle
0 siblings, 0 replies; 2+ messages in thread
From: Arnout Vandecappelle @ 2022-02-03 20:43 UTC (permalink / raw)
To: Fabrice Fontaine, buildroot; +Cc: Bernd Kuhls
On 15/01/2022 15:39, Fabrice Fontaine wrote:
> - Drop patches (already in version)
> - Disable pdf which fails to build and was added by
> https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=316c3a08269212f1005709da64efcb383f8f5ce0
> - Update hash of license file (references on ETS related patents removed
> with
> https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=431167121968b066d90b0506347b6eb779e08a3f)
>
> https://www.ghostscript.com/doc/9.54.0/News.htm
> https://www.ghostscript.com/doc/9.55.0/News.htm
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Applied to master, thanks.
Regards,
Arnout
> ---
> ...05-Fix-typo-in-non-forked-lcms2-code.patch | 28 +++
> ...g-702985-drop-use-of-FT_CALLBACK_DEF.patch | 55 ----
> ...de-device-specifier-strings-in-acces.patch | 234 ------------------
> ...ack-limits-after-function-evaluation.patch | 52 ----
> ...-management-in-sampled_data_continue.patch | 68 -----
> package/ghostscript/ghostscript.hash | 6 +-
> package/ghostscript/ghostscript.mk | 12 +-
> 7 files changed, 33 insertions(+), 422 deletions(-)
> create mode 100644 package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch
> delete mode 100644 package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch
> delete mode 100644 package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
> delete mode 100644 package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
> delete mode 100644 package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
>
> diff --git a/package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch b/package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch
> new file mode 100644
> index 0000000000..bb1227f687
> --- /dev/null
> +++ b/package/ghostscript/0001-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch
> @@ -0,0 +1,28 @@
> +From 830afae5454dea3bff903869d82022306890a96c Mon Sep 17 00:00:00 2001
> +From: Robin Watts <Robin.Watts@artifex.com>
> +Date: Fri, 1 Oct 2021 12:44:44 +0100
> +Subject: [PATCH] Bug 704405: Fix typo in non-forked lcms2 code.
> +
> +[Retrieved from:
> +https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=830afae5454dea3bff903869d82022306890a96c]
> +Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> +---
> + base/gsicc_lcms2.c | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/base/gsicc_lcms2.c b/base/gsicc_lcms2.c
> +index ccf1d7051..9badb6dee 100644
> +--- a/base/gsicc_lcms2.c
> ++++ b/base/gsicc_lcms2.c
> +@@ -462,7 +462,7 @@ int
> + gscms_transform_color(gx_device *dev, gsicc_link_t *icclink, void *inputcolor,
> + void *outputcolor, int num_bytes)
> + {
> +- return gscms_transformm_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
> ++ return gscms_transform_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
> + }
> +
> + int
> +--
> +2.25.1
> +
> diff --git a/package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch b/package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch
> deleted file mode 100644
> index 044dcc72f1..0000000000
> --- a/package/ghostscript/0001-bug-702985-drop-use-of-FT_CALLBACK_DEF.patch
> +++ /dev/null
> @@ -1,55 +0,0 @@
> -From 41ef9a0bc36b9db7115fbe9623f989bfb47bbade Mon Sep 17 00:00:00 2001
> -From: Chris Liddell <chris.liddell@artifex.com>
> -Date: Tue, 20 Oct 2020 09:49:45 +0100
> -Subject: [PATCH] Bug 702985: drop use of FT_CALLBACK_DEF() def
> -
> -From 2.10.3, Freetype disappeared the FT_CALLBACK_DEF() macro, which is what
> -we used when defining our callbacks from Freetype.
> -
> -No guidance forthcoming from the Freetype developer who made those changes,
> -so change to explicitly declaring the callbacks file static.
> -
> -Should fix the reported build failures.
> -
> -Downloaded from upstream commit:
> -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=41ef9a0bc36b
> -
> -Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
> ----
> - base/fapi_ft.c | 6 +++---
> - 1 file changed, 3 insertions(+), 3 deletions(-)
> -
> -diff --git a/base/fapi_ft.c b/base/fapi_ft.c
> -index 65fa6dcf4..21aef2f06 100644
> ---- a/base/fapi_ft.c
> -+++ b/base/fapi_ft.c
> -@@ -125,7 +125,7 @@ static void
> - delete_inc_int_info(gs_fapi_server * a_server,
> - FT_IncrementalRec * a_inc_int_info);
> -
> --FT_CALLBACK_DEF(void *)
> -+static void *
> - FF_alloc(FT_Memory memory, long size)
> - {
> - gs_memory_t *mem = (gs_memory_t *) memory->user;
> -@@ -133,7 +133,7 @@ FF_alloc(FT_Memory memory, long size)
> - return (gs_malloc(mem, size, 1, "FF_alloc"));
> - }
> -
> --FT_CALLBACK_DEF(void *)
> -+static void *
> - FF_realloc(FT_Memory memory, long cur_size, long new_size, void *block)
> - {
> - gs_memory_t *mem = (gs_memory_t *) memory->user;
> -@@ -153,7 +153,7 @@ FT_CALLBACK_DEF(void *)
> - return (tmp);
> - }
> -
> --FT_CALLBACK_DEF(void)
> -+static void
> - FF_free(FT_Memory memory, void *block)
> - {
> - gs_memory_t *mem = (gs_memory_t *) memory->user;
> ---
> -2.17.1
> -
> diff --git a/package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch b/package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
> deleted file mode 100644
> index 81436d8228..0000000000
> --- a/package/ghostscript/0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
> +++ /dev/null
> @@ -1,234 +0,0 @@
> -From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
> -From: Chris Liddell <chris.liddell@artifex.com>
> -Date: Tue, 7 Sep 2021 20:36:12 +0100
> -Subject: [PATCH] Bug 704342: Include device specifier strings in access
> - validation
> -
> -for the "%pipe%", %handle%" and %printer% io devices.
> -
> -We previously validated only the part after the "%pipe%" Postscript device
> -specifier, but this proved insufficient.
> -
> -This rebuilds the original file name string, and validates it complete. The
> -slight complication for "%pipe%" is it can be reached implicitly using
> -"|" so we have to check both prefixes.
> -
> -Addresses CVE-2021-3781
> -
> -Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> ----
> - base/gdevpipe.c | 22 +++++++++++++++-
> - base/gp_mshdl.c | 11 +++++++-
> - base/gp_msprn.c | 10 ++++++-
> - base/gp_os2pr.c | 13 +++++++++-
> - base/gslibctx.c | 69 ++++++++++---------------------------------------
> - 5 files changed, 65 insertions(+), 60 deletions(-)
> -
> -diff --git a/base/gdevpipe.c b/base/gdevpipe.c
> -index 96d71f5d8..5bdc485be 100644
> ---- a/base/gdevpipe.c
> -+++ b/base/gdevpipe.c
> -@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
> - #else
> - gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
> - gs_fs_list_t *fs = ctx->core->fs;
> -+ /* The pipe device can be reached in two ways, explicltly with %pipe%
> -+ or implicitly with "|", so we have to check for both
> -+ */
> -+ char f[gp_file_name_sizeof];
> -+ const char *pipestr = "|";
> -+ const size_t pipestrlen = strlen(pipestr);
> -+ const size_t preflen = strlen(iodev->dname);
> -+ const size_t nlen = strlen(fname);
> -+ int code1;
> -+
> -+ if (preflen + nlen >= gp_file_name_sizeof)
> -+ return_error(gs_error_invalidaccess);
> -+
> -+ memcpy(f, iodev->dname, preflen);
> -+ memcpy(f + preflen, fname, nlen + 1);
> -+
> -+ code1 = gp_validate_path(mem, f, access);
> -+
> -+ memcpy(f, pipestr, pipestrlen);
> -+ memcpy(f + pipestrlen, fname, nlen + 1);
> -
> -- if (gp_validate_path(mem, fname, access) != 0)
> -+ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
> - return gs_error_invalidfileaccess;
> -
> - /*
> -diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
> -index 2b964ed74..8d87ceadc 100644
> ---- a/base/gp_mshdl.c
> -+++ b/base/gp_mshdl.c
> -@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
> - long hfile; /* Correct for Win32, may be wrong for Win64 */
> - gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
> - gs_fs_list_t *fs = ctx->core->fs;
> -+ char f[gp_file_name_sizeof];
> -+ const size_t preflen = strlen(iodev->dname);
> -+ const size_t nlen = strlen(fname);
> -
> -- if (gp_validate_path(mem, fname, access) != 0)
> -+ if (preflen + nlen >= gp_file_name_sizeof)
> -+ return_error(gs_error_invalidaccess);
> -+
> -+ memcpy(f, iodev->dname, preflen);
> -+ memcpy(f + preflen, fname, nlen + 1);
> -+
> -+ if (gp_validate_path(mem, f, access) != 0)
> - return gs_error_invalidfileaccess;
> -
> - /* First we try the open_handle method. */
> -diff --git a/base/gp_msprn.c b/base/gp_msprn.c
> -index ed4827968..746a974f7 100644
> ---- a/base/gp_msprn.c
> -+++ b/base/gp_msprn.c
> -@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
> - uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
> - gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
> - gs_fs_list_t *fs = ctx->core->fs;
> -+ const size_t preflen = strlen(iodev->dname);
> -+ const size_t nlen = strlen(fname);
> -
> -- if (gp_validate_path(mem, fname, access) != 0)
> -+ if (preflen + nlen >= gp_file_name_sizeof)
> -+ return_error(gs_error_invalidaccess);
> -+
> -+ memcpy(pname, iodev->dname, preflen);
> -+ memcpy(pname + preflen, fname, nlen + 1);
> -+
> -+ if (gp_validate_path(mem, pname, access) != 0)
> - return gs_error_invalidfileaccess;
> -
> - /* First we try the open_printer method. */
> -diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
> -index f852c71fc..ba54cde66 100644
> ---- a/base/gp_os2pr.c
> -+++ b/base/gp_os2pr.c
> -@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
> - FILE ** pfile, char *rfname, uint rnamelen)
> - {
> - os2_printer_t *pr = (os2_printer_t *)iodev->state;
> -- char driver_name[256];
> -+ char driver_name[gp_file_name_sizeof];
> - gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
> - gs_fs_list_t *fs = ctx->core->fs;
> -+ const size_t preflen = strlen(iodev->dname);
> -+ const int size_t = strlen(fname);
> -+
> -+ if (preflen + nlen >= gp_file_name_sizeof)
> -+ return_error(gs_error_invalidaccess);
> -+
> -+ memcpy(driver_name, iodev->dname, preflen);
> -+ memcpy(driver_name + preflen, fname, nlen + 1);
> -+
> -+ if (gp_validate_path(mem, driver_name, access) != 0)
> -+ return gs_error_invalidfileaccess;
> -
> - /* First we try the open_printer method. */
> - /* Note that the loop condition here ensures we don't
> -diff --git a/base/gslibctx.c b/base/gslibctx.c
> -index 6dfed6cd5..318039fad 100644
> ---- a/base/gslibctx.c
> -+++ b/base/gslibctx.c
> -@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
> - int
> - gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
> - {
> -- char *fp, f[gp_file_name_sizeof];
> -- const int pipe = 124; /* ASCII code for '|' */
> -- const int len = strlen(fname);
> -- int i, code;
> -+ char f[gp_file_name_sizeof];
> -+ int code;
> -
> - /* Be sure the string copy will fit */
> -- if (len >= gp_file_name_sizeof)
> -+ if (strlen(fname) >= gp_file_name_sizeof)
> - return gs_error_rangecheck;
> - strcpy(f, fname);
> -- fp = f;
> - /* Try to rewrite any %d (or similar) in the string */
> - rewrite_percent_specifiers(f);
> -- for (i = 0; i < len; i++) {
> -- if (f[i] == pipe) {
> -- fp = &f[i + 1];
> -- /* Because we potentially have to check file permissions at two levels
> -- for the output file (gx_device_open_output_file and the low level
> -- fopen API, if we're using a pipe, we have to add both the full string,
> -- (including the '|', and just the command to which we pipe - since at
> -- the pipe_fopen(), the leading '|' has been stripped.
> -- */
> -- code = gs_add_control_path(mem, gs_permit_file_writing, f);
> -- if (code < 0)
> -- return code;
> -- code = gs_add_control_path(mem, gs_permit_file_control, f);
> -- if (code < 0)
> -- return code;
> -- break;
> -- }
> -- if (!IS_WHITESPACE(f[i]))
> -- break;
> -- }
> -- code = gs_add_control_path(mem, gs_permit_file_control, fp);
> -+
> -+ code = gs_add_control_path(mem, gs_permit_file_control, f);
> - if (code < 0)
> - return code;
> -- return gs_add_control_path(mem, gs_permit_file_writing, fp);
> -+ return gs_add_control_path(mem, gs_permit_file_writing, f);
> - }
> -
> - int
> - gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
> - {
> -- char *fp, f[gp_file_name_sizeof];
> -- const int pipe = 124; /* ASCII code for '|' */
> -- const int len = strlen(fname);
> -- int i, code;
> -+ char f[gp_file_name_sizeof];
> -+ int code;
> -
> - /* Be sure the string copy will fit */
> -- if (len >= gp_file_name_sizeof)
> -+ if (strlen(fname) >= gp_file_name_sizeof)
> - return gs_error_rangecheck;
> - strcpy(f, fname);
> -- fp = f;
> - /* Try to rewrite any %d (or similar) in the string */
> -- for (i = 0; i < len; i++) {
> -- if (f[i] == pipe) {
> -- fp = &f[i + 1];
> -- /* Because we potentially have to check file permissions at two levels
> -- for the output file (gx_device_open_output_file and the low level
> -- fopen API, if we're using a pipe, we have to add both the full string,
> -- (including the '|', and just the command to which we pipe - since at
> -- the pipe_fopen(), the leading '|' has been stripped.
> -- */
> -- code = gs_remove_control_path(mem, gs_permit_file_writing, f);
> -- if (code < 0)
> -- return code;
> -- code = gs_remove_control_path(mem, gs_permit_file_control, f);
> -- if (code < 0)
> -- return code;
> -- break;
> -- }
> -- if (!IS_WHITESPACE(f[i]))
> -- break;
> -- }
> -- code = gs_remove_control_path(mem, gs_permit_file_control, fp);
> -+ rewrite_percent_specifiers(f);
> -+
> -+ code = gs_remove_control_path(mem, gs_permit_file_control, f);
> - if (code < 0)
> - return code;
> -- return gs_remove_control_path(mem, gs_permit_file_writing, fp);
> -+ return gs_remove_control_path(mem, gs_permit_file_writing, f);
> - }
> -
> - int
> ---
> -2.20.1
> -
> diff --git a/package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch b/package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
> deleted file mode 100644
> index 352f1754f6..0000000000
> --- a/package/ghostscript/0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
> +++ /dev/null
> @@ -1,52 +0,0 @@
> -From 7861fcad13c497728189feafb41cd57b5b50ea25 Mon Sep 17 00:00:00 2001
> -From: Chris Liddell <chris.liddell@artifex.com>
> -Date: Fri, 12 Feb 2021 10:34:23 +0000
> -Subject: [PATCH] oss-fuzz 30715: Check stack limits after function evaluation.
> -
> -During function result sampling, after the callout to the Postscript
> -interpreter, make sure there is enough stack space available before pushing
> -or popping entries.
> -
> -In thise case, the Postscript procedure for the "function" is totally invalid
> -(as a function), and leaves the op stack in an unrecoverable state (as far as
> -function evaluation is concerned). We end up popping more entries off the
> -stack than are available.
> -
> -To cope, add in stack limit checking to throw an appropriate error when this
> -happens.
> -
> -[Retrieved from:
> -https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7861fcad13c497728189feafb41cd57b5b50ea25]
> -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ----
> - psi/zfsample.c | 14 +++++++++++---
> - 1 file changed, 11 insertions(+), 3 deletions(-)
> -
> -diff --git a/psi/zfsample.c b/psi/zfsample.c
> -index 290809405..652ae02c6 100644
> ---- a/psi/zfsample.c
> -+++ b/psi/zfsample.c
> -@@ -551,9 +551,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
> - } else {
> - if (stack_depth_adjust) {
> - stack_depth_adjust -= num_out;
> -- push(O_STACK_PAD - stack_depth_adjust);
> -- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
> -- make_null(op - i);
> -+ if ((O_STACK_PAD - stack_depth_adjust) < 0) {
> -+ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
> -+ check_op(stack_depth_adjust);
> -+ pop(stack_depth_adjust);
> -+ }
> -+ else {
> -+ check_ostack(O_STACK_PAD - stack_depth_adjust);
> -+ push(O_STACK_PAD - stack_depth_adjust);
> -+ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
> -+ make_null(op - i);
> -+ }
> - }
> - }
> -
> ---
> -2.25.1
> -
> diff --git a/package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch b/package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
> deleted file mode 100644
> index 72e07df0ac..0000000000
> --- a/package/ghostscript/0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
> +++ /dev/null
> @@ -1,68 +0,0 @@
> -From 2a3129365d3bc0d4a41f107ef175920d1505d1f7 Mon Sep 17 00:00:00 2001
> -From: Chris Liddell <chris.liddell@artifex.com>
> -Date: Tue, 1 Jun 2021 19:57:16 +0100
> -Subject: [PATCH] Bug 703902: Fix op stack management in
> - sampled_data_continue()
> -
> -Replace pop() (which does no checking, and doesn't handle stack extension
> -blocks) with ref_stack_pop() which does do all that.
> -
> -We still use pop() in one case (it's faster), but we have to later use
> -ref_stack_pop() before calling sampled_data_sample() which also accesses the
> -op stack.
> -
> -Fixes:
> -https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675
> -
> -[Retrieved from:
> -https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7]
> -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ----
> - psi/zfsample.c | 16 ++++++++++------
> - 1 file changed, 10 insertions(+), 6 deletions(-)
> -
> -diff --git a/psi/zfsample.c b/psi/zfsample.c
> -index 0e8e4bc8d..00cd0cfdd 100644
> ---- a/psi/zfsample.c
> -+++ b/psi/zfsample.c
> -@@ -533,15 +533,19 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
> - for (j = 0; j < bps; j++)
> - data_ptr[bps * i + j] = (byte)(cv >> ((bps - 1 - j) * 8)); /* MSB first */
> - }
> -- pop(num_out); /* Move op to base of result values */
> -
> -- /* Check if we are done collecting data. */
> -+ pop(num_out); /* Move op to base of result values */
> -
> -+ /* From here on, we have to use ref_stack_pop() rather than pop()
> -+ so that it handles stack extension blocks properly, before calling
> -+ sampled_data_sample() which also uses the op stack.
> -+ */
> -+ /* Check if we are done collecting data. */
> - if (increment_cube_indexes(params, penum->indexes)) {
> - if (stack_depth_adjust == 0)
> -- pop(O_STACK_PAD); /* Remove spare stack space */
> -+ ref_stack_pop(&o_stack, O_STACK_PAD); /* Remove spare stack space */
> - else
> -- pop(stack_depth_adjust - num_out);
> -+ ref_stack_pop(&o_stack, stack_depth_adjust - num_out);
> - /* Execute the closing procedure, if given */
> - code = 0;
> - if (esp_finish_proc != 0)
> -@@ -554,11 +558,11 @@ sampled_data_continue(i_ctx_t *i_ctx_p)
> - if ((O_STACK_PAD - stack_depth_adjust) < 0) {
> - stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust);
> - check_op(stack_depth_adjust);
> -- pop(stack_depth_adjust);
> -+ ref_stack_pop(&o_stack, stack_depth_adjust);
> - }
> - else {
> - check_ostack(O_STACK_PAD - stack_depth_adjust);
> -- push(O_STACK_PAD - stack_depth_adjust);
> -+ ref_stack_push(&o_stack, O_STACK_PAD - stack_depth_adjust);
> - for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++)
> - make_null(op - i);
> - }
> ---
> -2.25.1
> -
> diff --git a/package/ghostscript/ghostscript.hash b/package/ghostscript/ghostscript.hash
> index f6cedc6198..95305a5e06 100644
> --- a/package/ghostscript/ghostscript.hash
> +++ b/package/ghostscript/ghostscript.hash
> @@ -1,5 +1,5 @@
> -# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9533/SHA512SUMS
> -sha512 c142ef9d83896aa8fd18c8e412220fe8f4950614be00d327d27ab051fe85e16524bf2ee00f46c2aca7a352ce47bc3acf2c4de0f7bbea7e4c55474b8af6cdc0a6 ghostscript-9.53.3.tar.gz
> +# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9550/SHA512SUMS
> +sha512 3646b7981dced443559ba97c74c08463139e86a5479661e4dcd217c51e3f8e766da9cf4d7889a98ba3c079a17e9e5b452cc765b633e0720deab2337e77efdd09 ghostscript-9.55.0.tar.gz
>
> # Hash for license file:
> -sha256 6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2 LICENSE
> +sha256 8ce064f423b7c24a011b6ebf9431b8bf9861a5255e47c84bfb23fc526d030a8b LICENSE
> diff --git a/package/ghostscript/ghostscript.mk b/package/ghostscript/ghostscript.mk
> index 9e13f29fe9..24a0c489a8 100644
> --- a/package/ghostscript/ghostscript.mk
> +++ b/package/ghostscript/ghostscript.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -GHOSTSCRIPT_VERSION = 9.53.3
> +GHOSTSCRIPT_VERSION = 9.55.0
> GHOSTSCRIPT_SITE = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs$(subst .,,$(GHOSTSCRIPT_VERSION))
> GHOSTSCRIPT_LICENSE = AGPL-3.0
> GHOSTSCRIPT_LICENSE_FILES = LICENSE
> @@ -21,15 +21,6 @@ GHOSTSCRIPT_DEPENDENCIES = \
> libpng \
> tiff
>
> -# 0002-Bug-704342-Include-device-specifier-strings-in-acces.patch
> -GHOSTSCRIPT_IGNORE_CVES += CVE-2021-3781
> -
> -# 0003-oss-fuzz-30715-Check-stack-limits-after-function-evaluation.patch
> -GHOSTSCRIPT_IGNORE_CVES += CVE-2021-45944
> -
> -# 0004-Bug-703902-Fix-op-stack-management-in-sampled_data_continue.patch
> -GHOSTSCRIPT_IGNORE_CVES += CVE-2021-45949
> -
> # Ghostscript includes (old) copies of several libraries, delete them.
> # Inspired by linuxfromscratch:
> # http://www.linuxfromscratch.org/blfs/view/svn/pst/gs.html
> @@ -52,6 +43,7 @@ GHOSTSCRIPT_CONF_OPTS = \
> --enable-freetype \
> --disable-gtk \
> --without-libpaper \
> + --without-pdf \
> --with-system-libtiff
>
> ifeq ($(BR2_PACKAGE_JBIG2DEC),y)
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-02-03 20:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-15 14:39 [Buildroot] [PATCH 1/1] package/ghostscript: bump to version 9.55.0 Fabrice Fontaine
2022-02-03 20:43 ` Arnout Vandecappelle
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.