mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-31 02:02:25 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
2b3f2c67b65bb3cc19cac4b618bb86d4f1483539
poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2017-9739.patch
Joe Slater 8efe725080 ghostscript: fix several CVEs by adding bounds checking 
CVE-2017-9611
CVE-2017-9612
CVE-2017-9739
CVE-2017-9726

(From OE-Core rev: 3e5d80c84f4c141bc3f3193d1db899b0e56993cf)

Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-23 08:47:03 +01:00

38 lines
867 B
Diff
Raw Blame History

From c501a58f8d5650c8ba21d447c0d6f07eafcb0f15 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Fri, 16 Jun 2017 08:29:25 +0100
Subject: [PATCH] Bug 698063: Bounds check Ins_JMPR
---
base/ttinterp.c | 6 ++++++
1 file changed, 6 insertions(+)
--- end of original header
CVE: CVE-2017-9739
Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
Signed-off-by: Joe Slater <joe.slater@windriver.com>
diff --git a/base/ttinterp.c b/base/ttinterp.c
index af457e8..adf3f0c 100644
--- a/base/ttinterp.c
+++ b/base/ttinterp.c
@@ -1794,6 +1794,12 @@ static int nInstrCount=0;
static void Ins_JMPR( INS_ARG )
{
+ if ( BOUNDS(CUR.IP + args[0], CUR.codeSize ) )
+ {
+ CUR.error = TT_Err_Invalid_Reference;
+ return;
+ }
+
CUR.IP += (Int)(args[0]);
CUR.step_ins = FALSE;
--
1.7.9.5
Reference in New Issue View Git Blame Copy Permalink