mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-21 21:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

ghostscript: fix CVE-2024-29506

Browse Source 
(From OE-Core rev: 68a6482244532e61bc467e1ef23661260bac8572)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Archana Polampalli
2024-08-08 11:05:43 +00:00
committed by Steve Sakoman
parent 52cfc78696
commit 5c036f07cc
2 changed files with 46 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29506.patch Normal file
View File

@@ -0,0 +1,45 @@
From 77dc7f699beba606937b7ea23b50cf5974fa64b1 Mon Sep 17 00:00:00 2001
From: Ken Sharp <Ken.Sharp@artifex.com>
Date: Thu, 25 Jan 2024 11:55:49 +0000
Subject: [PATCH] Bug 707510 - don't allow PDF files with bad Filters to
overflow the debug buffer
Item #2 of the report.
Allocate a buffer to hold the filter name, instead of assuming it will
fit in a fixed buffer.
Reviewed all the other PDFDEBUG cases, no others use a fixed buffer like
this.
CVE: CVE-2024-29506
Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=77dc7f699beba606937b7ea23b50cf5974fa64b1]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
pdf/pdf_file.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/pdf/pdf_file.c b/pdf/pdf_file.c
index 214d448..93c2402 100644
--- a/pdf/pdf_file.c
+++ b/pdf/pdf_file.c
@@ -767,10 +767,14 @@ static int pdfi_apply_filter(pdf_context *ctx, pdf_dict *dict, pdf_name *n, pdf_
if (ctx->args.pdfdebug)
{
- char str[100];
+ char *str;
+ str = gs_alloc_bytes(ctx->memory, n->length + 1, "temp string for debug");
+ if (str == NULL)
+ return_error(gs_error_VMerror);
memcpy(str, (const char *)n->data, n->length);
str[n->length] = '\0';
dmprintf1(ctx->memory, "FILTER NAME:%s\n", str);
+ gs_free_object(ctx->memory, str, "temp string for debug");
}
if (pdfi_name_is(n, "RunLengthDecode")) {
--
2.40.0

1
meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
View File

@@ -53,6 +53,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
file://CVE-2024-29511-0001.patch \
file://CVE-2024-29511-0002.patch \
file://CVE-2024-29509.patch \
file://CVE-2024-29506.patch \
"
SRC_URI = "${SRC_URI_BASE} \