aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-05-29 13:47:39 -0400
committerLeo Famulari <leo@famulari.name>2017-06-02 14:13:45 -0400
commitd6158fe70dfef6c03357d75d36dc7cac813dea45 (patch)
tree5d03461cbd909605e8104d1c5f55cf517a28341f
parentbaf549df14c6d4a63bfbd0054b865446a97e872a (diff)
downloadguix-d6158fe70dfef6c03357d75d36dc7cac813dea45.tar
guix-d6158fe70dfef6c03357d75d36dc7cac813dea45.tar.gz
gnu: ghostscript: Switch to Artifex Ghostcript and update to 9.21.
* gnu/packages/ghostscript.scm (ghostscript): Update to 9.21. [source]: Fetch the source from Artifex. [native-inputs]: Remove pkg-config. [inputs]: Add jbig2dec and use libjpeg instead of libjpeg-8. [arguments]: Add #:configure-flags. [replacement]: Remove field. (ghostcript/fixed): Remove variable. * gnu/packages/patches/ghostscript-CVE-2017-8291.patch, gnu/packages/patches/ghostscript-runpath.patch: Adjust to new upstream source. * gnu/packages/patches/ghostscript-CVE-2013-5653.patch, gnu/packages/patches/ghostscript-CVE-2015-3228.patch, gnu/packages/patches/ghostscript-CVE-2016-7976.patch, gnu/packages/patches/ghostscript-CVE-2016-7978.patch, gnu/packages/patches/ghostscript-CVE-2016-7979.patch, gnu/packages/patches/ghostscript-CVE-2016-8602.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
-rw-r--r--gnu/local.mk6
-rw-r--r--gnu/packages/ghostscript.scm161
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2013-5653.patch85
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2015-3228.patch32
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7976.patch185
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7978.patch25
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-7979.patch48
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2016-8602.patch47
-rw-r--r--gnu/packages/patches/ghostscript-CVE-2017-8291.patch166
-rw-r--r--gnu/packages/patches/ghostscript-runpath.patch17
10 files changed, 240 insertions, 532 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 5090c04b9f..95efe60ed6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -614,12 +614,6 @@ dist_patch_DATA = \
%D%/packages/patches/gettext-multi-core.patch \
%D%/packages/patches/gettext-gnulib-multi-core.patch \
%D%/packages/patches/ghc-dont-pass-linker-flags-via-response-files.patch \
- %D%/packages/patches/ghostscript-CVE-2013-5653.patch \
- %D%/packages/patches/ghostscript-CVE-2015-3228.patch \
- %D%/packages/patches/ghostscript-CVE-2016-7976.patch \
- %D%/packages/patches/ghostscript-CVE-2016-7978.patch \
- %D%/packages/patches/ghostscript-CVE-2016-7979.patch \
- %D%/packages/patches/ghostscript-CVE-2016-8602.patch \
%D%/packages/patches/ghostscript-CVE-2017-8291.patch \
%D%/packages/patches/ghostscript-runpath.patch \
%D%/packages/patches/glib-networking-ssl-cert-file.patch \
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index 3a24580b77..ffe6e018bd 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -129,85 +129,98 @@ printing, and psresize, for adjusting page sizes.")
(define-public ghostscript
(package
- (name "ghostscript")
- (version "9.14.0")
- ;; XXX Try removing the bundled copy of jbig2dec.
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/ghostscript/gnu-ghostscript-"
- version ".tar.xz"))
- (sha256
- (base32
- "0q4jj41p0qbr4mgcc9q78f5zs8cm1g57wgryhsm2yq4lfslm3ib1"))
- (patches (search-patches "ghostscript-CVE-2013-5653.patch"
- "ghostscript-CVE-2015-3228.patch"
- "ghostscript-CVE-2016-7976.patch"
- "ghostscript-CVE-2016-7978.patch"
- "ghostscript-CVE-2016-7979.patch"
- "ghostscript-CVE-2016-8602.patch"
- "ghostscript-CVE-2017-8291.patch"
- "ghostscript-runpath.patch"))
- (modules '((guix build utils)))
- (snippet
- ;; Honor --docdir.
- '(substitute* "Makefile.in"
- (("^docdir=.*$") "docdir = @docdir@\n")
- (("^exdir=.*$") "exdir = $(docdir)/examples\n")))))
- (build-system gnu-build-system)
- (outputs '("out" "doc")) ;16 MiB of HTML/PS doc + examples
- (inputs `(("freetype" ,freetype)
- ("lcms" ,lcms)
- ("libjpeg-8" ,libjpeg-8)
- ("libpng" ,libpng)
- ("libpaper" ,libpaper)
- ("libtiff" ,libtiff)
- ("zlib" ,zlib)))
- (native-inputs
- `(("perl" ,perl)
- ("pkg-config" ,pkg-config) ; needed to find libtiff
- ("python" ,python-wrapper)
- ("tcl" ,tcl)))
- (arguments
- `(#:disallowed-references ("doc")
- #:phases
- (modify-phases %standard-phases
- (add-after 'configure 'patch-config-files
- (lambda _
- (substitute* "base/all-arch.mak"
- (("/bin/sh") (which "sh")))
- (substitute* "base/unixhead.mak"
- (("/bin/sh") (which "sh")))))
- (add-after 'configure 'remove-doc-reference
- (lambda _
- ;; Don't retain a reference to the 'doc' output in 'gs'.
- ;; The only use of this definition is in the output of
- ;; 'gs --help', so this change is fine.
- (substitute* "base/gscdef.c"
- (("GS_DOCDIR")
- "\"~/.guix-profile/share/doc/ghostscript\""))))
- (replace 'build
+ (name "ghostscript")
+ (version "9.21")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/ArtifexSoftware/"
+ "ghostpdl-downloads/releases/download/gs"
+ (string-delete #\. version)
+ "/ghostscript-" version ".tar.xz"))
+ (sha256
+ (base32
+ "0lyhjcrkmd5fcmh8h56bs4xr9k4jasmikv5vsix1hd4ai0ad1q9b"))
+ (patches (search-patches "ghostscript-runpath.patch"
+ "ghostscript-CVE-2017-8291.patch"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so
+ ;; we leave it, at least for now.
+ ;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
+ '(begin
+ (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
+ "lcms2" "libpng"
+ "tiff" "zlib"))))))
+ (build-system gnu-build-system)
+ (outputs '("out" "doc")) ;19 MiB of HTML/PS doc + examples
+ (arguments
+ `(#:disallowed-references ("doc")
+ #:configure-flags
+ (list "--with-system-libtiff"
+ "LIBS=-lz"
+ (string-append "ZLIBDIR="
+ (assoc-ref %build-inputs "zlib") "/include")
+ "--enable-dynamic")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'fix-doc-dir
(lambda _
- ;; Build 'libgs.so', but don't build the statically-linked 'gs'
- ;; binary (saves 18 MiB).
- (zero? (system* "make" "so" "-j"
- (number->string (parallel-job-count))))))
- (replace 'install
+ ;; Honor --docdir.
+ (substitute* "Makefile.in"
+ (("^docdir=.*$") "docdir = @docdir@\n")
+ (("^exdir=.*$") "exdir = $(docdir)/examples\n"))
+ #t))
+ (add-after 'configure 'remove-doc-reference
(lambda _
- (zero? (system* "make" "soinstall"))))
- (add-after 'install 'create-gs-symlink
- (lambda* (#:key outputs #:allow-other-keys)
- (let ((out (assoc-ref outputs "out")))
- ;; some programs depend on having a 'gs' binary available
- (symlink "gsc" (string-append out "/bin/gs"))))))))
- (synopsis "PostScript and PDF interpreter")
- (description
- "Ghostscript is an interpreter for the PostScript language and the PDF
+ ;; Don't retain a reference to the 'doc' output in 'gs'.
+ ;; The only use of this definition is in the output of
+ ;; 'gs --help', so this change is fine.
+ (substitute* "base/gscdef.c"
+ (("GS_DOCDIR")
+ "\"~/.guix-profile/share/doc/ghostscript\""))
+ #t))
+ (add-after 'configure 'patch-config-files
+ (lambda _
+ (substitute* "base/unixhead.mak"
+ (("/bin/sh") (which "sh")))
+ #t))
+ (replace 'build
+ (lambda _
+ ;; Build 'libgs.so', but don't build the statically-linked 'gs'
+ ;; binary (saves 22 MiB).
+ (zero? (system* "make" "so" "-j"
+ (number->string (parallel-job-count))))))
+ (replace 'install
+ (lambda _
+ (zero? (system* "make" "soinstall"))))
+ (add-after 'install 'create-gs-symlink
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let ((out (assoc-ref outputs "out")))
+ ;; Some programs depend on having a 'gs' binary available.
+ (symlink "gsc" (string-append out "/bin/gs"))
+ #t))))))
+ (native-inputs
+ `(("perl" ,perl)
+ ("python" ,python-wrapper)
+ ("tcl" ,tcl)))
+ (inputs
+ `(("freetype" ,freetype)
+ ("jbig2dec" ,jbig2dec)
+ ("lcms2" ,lcms)
+ ("libjpeg" ,libjpeg)
+ ("libpaper" ,libpaper)
+ ("libpng" ,libpng)
+ ("libtiff" ,libtiff)
+ ("zlib" ,zlib)))
+ (synopsis "PostScript and PDF interpreter")
+ (description
+ "Ghostscript is an interpreter for the PostScript language and the PDF
file format. It also includes a C library that implements the graphics
capabilities of the PostScript language. It supports a wide variety of
output file formats and printers.")
- (license license:agpl3+)
- (home-page "https://www.gnu.org/software/ghostscript/")
- (properties '((upstream-name . "gnu-ghostscript")))))
+ (home-page "https://www.ghostscript.com/")
+ (license license:agpl3+)))
(define-public ghostscript/x
(package/inherit ghostscript
diff --git a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch b/gnu/packages/patches/ghostscript-CVE-2013-5653.patch
deleted file mode 100644
index 622266b176..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8
-
-From ab109aaeb3ddba59518b036fb288402a65cf7ce8 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Sat, 5 Mar 2016 14:56:03 -0800
-Subject: [PATCH] Bug 694724: Have filenameforall and getenv honor SAFER
-
----
- Resource/Init/gs_init.ps | 2 ++
- psi/zfile.c | 36 ++++++++++++++++++++----------------
- 2 files changed, 22 insertions(+), 16 deletions(-)
-
-diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
-index fa33d88..99888ac 100644
---- a/Resource/Init/gs_init.ps
-+++ b/Resource/Init/gs_init.ps
-@@ -2018,6 +2018,7 @@ readonly def
-
- /.locksafe {
- .locksafe_userparams
-+ systemdict /getenv {pop //false} put
- % setpagedevice has the side effect of clearing the page, but
- % we will just document that. Using setpagedevice keeps the device
- % properties and pagedevice .LockSafetyParams in agreement even
-@@ -2036,6 +2037,7 @@ readonly def
- %%
- /.locksafeglobal {
- .locksafe_userparams
-+ systemdict /getenv {pop //false} put
- % setpagedevice has the side effect of clearing the page, but
- % we will just document that. Using setpagedevice keeps the device
- % properties and pagedevice .LockSafetyParams in agreement even
-diff --git a/psi/zfile.c b/psi/zfile.c
-index 320ecd5..0b9f299 100644
---- a/psi/zfile.c
-+++ b/psi/zfile.c
-@@ -371,22 +371,26 @@ file_continue(i_ctx_t *i_ctx_p)
-
- if (len < devlen)
- return_error(e_rangecheck); /* not even room for device len */
-- memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
-- code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
-- len - devlen);
-- if (code == ~(uint) 0) { /* all done */
-- esp -= 5; /* pop proc, pfen, devlen, iodev , mark */
-- return o_pop_estack;
-- } else if (code > len) /* overran string */
-- return_error(e_rangecheck);
-- else {
-- push(1);
-- ref_assign(op, pscratch);
-- r_set_size(op, code + devlen);
-- push_op_estack(file_continue); /* come again */
-- *++esp = pscratch[2]; /* proc */
-- return o_push_estack;
-- }
-+
-+ do {
-+ memcpy((char *)pscratch->value.bytes, iodev->dname, devlen);
-+ code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen,
-+ len - devlen);
-+ if (code == ~(uint) 0) { /* all done */
-+ esp -= 5; /* pop proc, pfen, devlen, iodev , mark */
-+ return o_pop_estack;
-+ } else if (code > len) /* overran string */
-+ return_error(e_rangecheck);
-+ else if (iodev != iodev_default(imemory)
-+ || (check_file_permissions_reduced(i_ctx_p, (char *)pscratch->value.bytes, code + devlen, "PermitFileReading")) == 0) {
-+ push(1);
-+ ref_assign(op, pscratch);
-+ r_set_size(op, code + devlen);
-+ push_op_estack(file_continue); /* come again */
-+ *++esp = pscratch[2]; /* proc */
-+ return o_push_estack;
-+ }
-+ } while(1);
- }
- /* Cleanup procedure for enumerating files */
- static int
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch b/gnu/packages/patches/ghostscript-CVE-2015-3228.patch
deleted file mode 100644
index c19fdb1d43..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-The file names in the upstream patch below were modified to apply to GNU
-ghostscript.
-
-From 0c0b0859ae1aba64861599f0e7f74f143f305932 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 7 Jul 2015 16:57:41 +0100
-Subject: [PATCH] Bug 696041: sanity check for memory allocation.
-
-In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the
-variable holding the actual number of bytes we allocate.
-
-No cluster differences
----
- gs/base/gsmalloc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/base/gsmalloc.c b/base/gsmalloc.c
-index 624552d..cad79c2 100644
---- a/base/gsmalloc.c
-+++ b/base/gsmalloc.c
-@@ -178,7 +178,7 @@ gs_heap_alloc_bytes(gs_memory_t * mem, uint size, client_name_t cname)
- } else {
- uint added = size + sizeof(gs_malloc_block_t);
-
-- if (mmem->limit - added < mmem->used)
-+ if (added <= size || mmem->limit - added < mmem->used)
- set_msg("exceeded limit");
- else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
- set_msg("failed");
---
-2.4.6
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch b/gnu/packages/patches/ghostscript-CVE-2016-7976.patch
deleted file mode 100644
index 0a09f89016..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d
-
-From 6d444c273da5499a4cd72f21cb6d4c9a5256807d Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Wed, 5 Oct 2016 09:55:55 +0100
-Subject: [PATCH] Bug 697178: Add a file permissions callback
-
-For the rare occasions when the graphics library directly opens a file
-(currently for reading), this allows us to apply any restrictions on
-file access normally applied in the interpteter.
----
- base/gsicc_manage.c | 10 ++++++----
- base/gslibctx.c | 12 +++++++++++-
- base/gslibctx.h | 7 +++++++
- psi/imain.c | 2 ++
- psi/int.mak | 2 +-
- psi/zfile.c | 19 +++++++++++++++++++
- psi/zfile.h | 7 +++++++
- 7 files changed, 53 insertions(+), 6 deletions(-)
-
-diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c
-index 931c2a6..e9c09c3 100644
---- a/base/gsicc_manage.c
-+++ b/base/gsicc_manage.c
-@@ -1028,10 +1028,12 @@ gsicc_open_search(const char* pname, int namelen, gs_memory_t *mem_gc,
- }
-
- /* First just try it like it is */
-- str = sfopen(pname, "rb", mem_gc);
-- if (str != NULL) {
-- *strp = str;
-- return 0;
-+ if (gs_check_file_permission(mem_gc, pname, namelen, "r") >= 0) {
-+ str = sfopen(pname, "rb", mem_gc);
-+ if (str != NULL) {
-+ *strp = str;
-+ return 0;
-+ }
- }
-
- /* If that fails, try %rom% */ /* FIXME: Not sure this is needed or correct */
-diff --git a/base/gslibctx.c b/base/gslibctx.c
-index eaa0458..37ce1ca 100644
---- a/base/gslibctx.c
-+++ b/base/gslibctx.c
-@@ -121,7 +121,7 @@ int gs_lib_ctx_init( gs_memory_t *mem )
- mem->gs_lib_ctx = NULL;
- return -1;
- }
--
-+ pio->client_check_file_permission = NULL;
- gp_get_realtime(pio->real_time_0);
-
- return 0;
-@@ -262,3 +262,13 @@ void errflush(const gs_memory_t *mem)
- fflush(mem->gs_lib_ctx->fstderr);
- /* else nothing to flush */
- }
-+
-+int
-+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission)
-+{
-+ int code = 0;
-+ if (mem->gs_lib_ctx->client_check_file_permission != NULL) {
-+ code = mem->gs_lib_ctx->client_check_file_permission(mem, fname, len, permission);
-+ }
-+ return code;
-+}
-diff --git a/base/gslibctx.h b/base/gslibctx.h
-index 7a4e110..020e2d9 100644
---- a/base/gslibctx.h
-+++ b/base/gslibctx.h
-@@ -32,6 +32,9 @@ typedef struct gs_fapi_server_s gs_fapi_server;
- # define gs_font_dir_DEFINED
- typedef struct gs_font_dir_s gs_font_dir;
- #endif
-+
-+typedef int (*client_check_file_permission_t) (gs_memory_t *mem, const char *fname, const int len, const char *permission);
-+
- typedef struct gs_lib_ctx_s
- {
- gs_memory_t *memory; /* mem->gs_lib_ctx->memory == mem */
-@@ -59,6 +62,7 @@ typedef struct gs_lib_ctx_s
- bool dict_auto_expand; /* ps dictionary: false level 1 true level 2 or 3 */
- /* A table of local copies of the IODevices */
- struct gx_io_device_s **io_device_table;
-+ client_check_file_permission_t client_check_file_permission;
- /* Define the default value of AccurateScreens that affects setscreen
- and setcolorscreen. */
- bool screen_accurate_screens;
-@@ -108,6 +112,9 @@ int
- void gs_lib_ctx_set_icc_directory(const gs_memory_t *mem_gc, const char* pname,
- int dir_namelen);
-
-+int
-+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission);
-+
- #define IS_LIBCTX_STDOUT(mem, f) (f == mem->gs_lib_ctx->fstdout)
- #define IS_LIBCTX_STDERR(mem, f) (f == mem->gs_lib_ctx->fstderr)
-
-diff --git a/psi/imain.c b/psi/imain.c
-index 9a9bb5d..6874128 100644
---- a/psi/imain.c
-+++ b/psi/imain.c
-@@ -57,6 +57,7 @@
- #include "ivmspace.h"
- #include "idisp.h" /* for setting display device callback */
- #include "iplugin.h"
-+#include "zfile.h"
-
- #ifdef PACIFY_VALGRIND
- #include "valgrind.h"
-@@ -215,6 +216,7 @@ gs_main_init1(gs_main_instance * minst)
- "the_gs_name_table");
- if (code < 0)
- return code;
-+ mem->gs_lib_ctx->client_check_file_permission = z_check_file_permissions;
- }
- code = obj_init(&minst->i_ctx_p, &idmem); /* requires name_init */
- if (code < 0)
-diff --git a/psi/int.mak b/psi/int.mak
-index 4654afc..bb30d51 100644
---- a/psi/int.mak
-+++ b/psi/int.mak
-@@ -1868,7 +1868,7 @@ $(PSOBJ)imain.$(OBJ) : $(PSSRC)imain.c $(GH) $(memory__h) $(string__h)\
- $(ialloc_h) $(iconf_h) $(idebug_h) $(idict_h) $(idisp_h) $(iinit_h)\
- $(iname_h) $(interp_h) $(iplugin_h) $(isave_h) $(iscan_h) $(ivmspace_h)\
- $(iinit_h) $(main_h) $(oper_h) $(ostack_h)\
-- $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h)
-+ $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) $(zfile_h)
- $(PSCC) $(PSO_)imain.$(OBJ) $(C_) $(PSSRC)imain.c
-
- #****** $(CCINT) interp.c
-diff --git a/psi/zfile.c b/psi/zfile.c
-index 2c6c958..2f27f82 100644
---- a/psi/zfile.c
-+++ b/psi/zfile.c
-@@ -197,6 +197,25 @@ check_file_permissions(i_ctx_t *i_ctx_p, const char *fname, int len,
- return check_file_permissions_reduced(i_ctx_p, fname_reduced, rlen, permitgroup);
- }
-
-+/* z_check_file_permissions: see zfile.h for explanation
-+ */
-+int
-+z_check_file_permissions(gs_memory_t *mem, const char *fname, const int len, const char *permission)
-+{
-+ i_ctx_t *i_ctx_p = get_minst_from_memory(mem)->i_ctx_p;
-+ gs_parsed_file_name_t pname;
-+ const char *permitgroup = permission[0] == 'r' ? "PermitFileReading" : "PermitFileWriting";
-+ int code = gs_parse_file_name(&pname, fname, len, imemory);
-+ if (code < 0)
-+ return code;
-+
-+ if (pname.iodev && i_ctx_p->LockFilePermissions && strcmp(pname.iodev->dname, "%pipe%") == 0)
-+ return e_invalidfileaccess;
-+
-+ code = check_file_permissions(i_ctx_p, fname, len, permitgroup);
-+ return code;
-+}
-+
- /* <name_string> <access_string> file <file> */
- int /* exported for zsysvm.c */
- zfile(i_ctx_t *i_ctx_p)
-diff --git a/psi/zfile.h b/psi/zfile.h
-index fdf1373..a9399c7 100644
---- a/psi/zfile.h
-+++ b/psi/zfile.h
-@@ -22,4 +22,11 @@
- int zopen_file(i_ctx_t *i_ctx_p, const gs_parsed_file_name_t *pfn,
- const char *file_access, stream **ps, gs_memory_t *mem);
-
-+/* z_check_file_permissions: a callback (via mem->gs_lib_ctx->client_check_file_permission)
-+ * to allow applying the above permissions checks when opening file(s) from
-+ * the graphics library
-+ */
-+int
-+z_check_file_permissions(gs_memory_t *mem, const char *fname,
-+ const int len, const char *permission);
- #endif
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch b/gnu/packages/patches/ghostscript-CVE-2016-7978.patch
deleted file mode 100644
index 81cb26e9ed..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 6f749c0c44e7b9e09737b9f29edf29925a34f0cf Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Wed, 5 Oct 2016 09:59:25 +0100
-Subject: [PATCH] Bug 697179: Reference count device icc profile
-
-when copying a device
----
- base/gsdevice.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/base/gsdevice.c b/base/gsdevice.c
-index 778106f..aea986a 100644
---- a/base/gsdevice.c
-+++ b/base/gsdevice.c
-@@ -614,6 +614,7 @@ gx_device_init(gx_device * dev, const gx_device * proto, gs_memory_t * mem,
- dev->memory = mem;
- dev->retained = !internal;
- rc_init(dev, mem, (internal ? 0 : 1));
-+ rc_increment(dev->icc_struct);
- }
-
- void
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch b/gnu/packages/patches/ghostscript-CVE-2016-7979.patch
deleted file mode 100644
index a557adfdea..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=875a0095f37626a721c7ff57d606a0f95af03913
-
-From 875a0095f37626a721c7ff57d606a0f95af03913 Mon Sep 17 00:00:00 2001
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Wed, 5 Oct 2016 10:10:58 +0100
-Subject: [PATCH] DSC parser - validate parameters
-
-Bug #697190 ".initialize_dsc_parser doesn't validate the parameter is a dict type before using it."
-
-Regardless of any security implications, its simply wrong for a PostScript
-operator not to validate its parameter(s).
-
-No differences expected.
----
- psi/zdscpars.c | 13 +++++++++----
- 1 file changed, 9 insertions(+), 4 deletions(-)
-
-diff --git a/psi/zdscpars.c b/psi/zdscpars.c
-index c05e154..9b4b605 100644
---- a/psi/zdscpars.c
-+++ b/psi/zdscpars.c
-@@ -150,11 +150,16 @@ zinitialize_dsc_parser(i_ctx_t *i_ctx_p)
- ref local_ref;
- int code;
- os_ptr const op = osp;
-- dict * const pdict = op->value.pdict;
-- gs_memory_t * const mem = (gs_memory_t *)dict_memory(pdict);
-- dsc_data_t * const data =
-- gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
-+ dict *pdict;
-+ gs_memory_t *mem;
-+ dsc_data_t *data;
-
-+ check_read_type(*op, t_dictionary);
-+
-+ pdict = op->value.pdict;
-+ mem = (gs_memory_t *)dict_memory(pdict);
-+
-+ data = gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init");
- if (!data)
- return_error(e_VMerror);
- data->document_level = 0;
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch b/gnu/packages/patches/ghostscript-CVE-2016-8602.patch
deleted file mode 100644
index aaf20b6c6c..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-The following patch was adapted for GNU Ghostscript
-by Mark H Weaver <mhw@netris.org> based on:
-
-http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78
-
-From f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Sat, 8 Oct 2016 16:10:27 +0100
-Subject: [PATCH] Bug 697203: check for sufficient params in .sethalftone5
-
-and param types
----
- psi/zht2.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/psi/zht2.c b/psi/zht2.c
-index fb4a264..dfa27a4 100644
---- a/psi/zht2.c
-+++ b/psi/zht2.c
-@@ -82,14 +82,22 @@ zsethalftone5(i_ctx_t *i_ctx_p)
- gs_memory_t *mem;
- uint edepth = ref_stack_count(&e_stack);
- int npop = 2;
-- int dict_enum = dict_first(op);
-+ int dict_enum;
- ref rvalue[2];
- int cname, colorant_number;
- byte * pname;
- uint name_size;
- int halftonetype, type = 0;
- gs_state *pgs = igs;
-- int space_index = r_space_index(op - 1);
-+ int space_index;
-+
-+ if (ref_stack_count(&o_stack) < 2)
-+ return_error(e_stackunderflow);
-+ check_type(*op, t_dictionary);
-+ check_type(*(op - 1), t_dictionary);
-+
-+ dict_enum = dict_first(op);
-+ space_index = r_space_index(op - 1);
-
- mem = (gs_memory_t *) idmemory->spaces_indexed[space_index];
-
---
-2.9.1
-
diff --git a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
index db80b6ddec..d38bd593c0 100644
--- a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
+++ b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch
@@ -1,15 +1,60 @@
Fix CVE-2017-8291:
-https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8291
+https://bugs.ghostscript.com/show_bug.cgi?id=697799
+https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate)
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8291
-This patch is adapted from these two Artifex Ghostscript commits by Leo
-Famulari <leo@famulari.name>:
+Patches copied from upstream source repository:
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d;hp=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3;hp=5603e8fc3e59c435318877efe627967ee6baebb8
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e
+https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad
+
+From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:03:33 +0100
+Subject: [PATCH] Bug 697799: have .eqproc check its parameters
+
+The Ghostscript custom operator .eqproc was not check the number or type of
+the parameters it was given.
+---
+ psi/zmisc3.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 54b304246..37293ff4b 100644
+--- a/psi/zmisc3.c
++++ b/psi/zmisc3.c
+@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
+ ref2_t stack[MAX_DEPTH + 1];
+ ref2_t *top = stack;
+
++ if (ref_stack_count(&o_stack) < 2)
++ return_error(gs_error_stackunderflow);
++ if (!r_is_array(op - 1) || !r_is_array(op)) {
++ return_error(gs_error_typecheck);
++ }
++
+ make_array(&stack[0].proc1, 0, 1, op - 1);
+ make_array(&stack[0].proc2, 0, 1, op);
+ for (;;) {
+--
+2.13.0
+
+From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 27 Apr 2017 13:21:31 +0100
+Subject: [PATCH] Bug 697799: have .rsdparams check its parameters
+
+The Ghostscript internal operator .rsdparams wasn't checking the number or
+type of the operands it was being passed. Do so.
+---
+ psi/zfrsd.c | 22 +++++++++++++++-------
+ 1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/psi/zfrsd.c b/psi/zfrsd.c
-index fb4bce9..2629afa 100644
+index 191107d8a..950588d69 100644
--- a/psi/zfrsd.c
+++ b/psi/zfrsd.c
@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
@@ -24,9 +69,9 @@ index fb4bce9..2629afa 100644
+ int code = 0;
+
+ if (ref_stack_count(&o_stack) < 1)
-+ return_error(e_stackunderflow);
++ return_error(gs_error_stackunderflow);
+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
-+ return_error(e_typecheck);
++ return_error(gs_error_typecheck);
+ }
make_empty_array(&empty_array, a_readonly);
@@ -35,15 +80,15 @@ index fb4bce9..2629afa 100644
+ && dict_find_string(op, "Filter", &pFilter) > 0) {
if (!r_is_array(pFilter)) {
if (!r_has_type(pFilter, t_name))
- return_error(e_typecheck);
+ return_error(gs_error_typecheck);
@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
- return_error(e_typecheck);
+ return_error(gs_error_typecheck);
}
}
- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
+ if (r_has_type(op, t_dictionary))
+ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
- if (code < 0 && code != e_rangecheck) /* out-of-range int is ok, use 0 */
+ if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */
return code;
- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
- )
@@ -54,20 +99,97 @@ index fb4bce9..2629afa 100644
push(1);
op[-1] = *pFilter;
if (pDecodeParms)
+--
+2.13.0
+
+From 57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Wed, 3 May 2017 12:05:45 +0100
+Subject: [PATCH] Bug 697846: revision to commit 4f83478c88 (.eqproc)
+
+When using the "DELAYBIND" feature, it turns out that .eqproc can be called with
+parameters that are not both procedures. In this case, it turns out, the
+expectation is for the operator to return 'false', rather than throw an error.
+---
+ psi/zmisc3.c | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
diff --git a/psi/zmisc3.c b/psi/zmisc3.c
-index 54b3042..0d357f1 100644
+index 37293ff4b..3f01d39a3 100644
--- a/psi/zmisc3.c
+++ b/psi/zmisc3.c
-@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p)
- ref2_t stack[MAX_DEPTH + 1];
- ref2_t *top = stack;
+@@ -38,6 +38,15 @@ zcliprestore(i_ctx_t *i_ctx_p)
+ return gs_cliprestore(igs);
+ }
-+ if (ref_stack_count(&o_stack) < 2)
-+ return_error(e_stackunderflow);
-+ if (!r_is_array(op - 1) || !r_is_array(op)) {
-+ return_error(e_typecheck);
-+ }
++static inline bool
++eqproc_check_type(ref *r)
++{
++ return r_has_type(r, t_array)
++ || r_has_type(r, t_mixedarray)
++ || r_has_type(r, t_shortarray)
++ || r_has_type(r, t_oparray);
++}
+
+ /* <proc1> <proc2> .eqproc <bool> */
+ /*
+ * Test whether two procedures are equal to depth 10.
+@@ -58,8 +67,10 @@ zeqproc(i_ctx_t *i_ctx_p)
+
+ if (ref_stack_count(&o_stack) < 2)
+ return_error(gs_error_stackunderflow);
+- if (!r_is_array(op - 1) || !r_is_array(op)) {
+- return_error(gs_error_typecheck);
++ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
++ make_false(op - 1);
++ pop(1);
++ return 0;
+ }
+
make_array(&stack[0].proc1, 0, 1, op - 1);
- make_array(&stack[0].proc2, 0, 1, op);
- for (;;) {
+--
+2.13.0
+
+From ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Thu, 11 May 2017 14:07:48 +0100
+Subject: [PATCH] Bug 697892: fix check for op stack underflow.
+
+In the original fix, I used the wrong method to check for stack underflow, this
+is using the correct method.
+---
+ psi/zfrsd.c | 3 +--
+ psi/zmisc3.c | 3 +--
+ 2 files changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/psi/zfrsd.c b/psi/zfrsd.c
+index 950588d69..9c035b96d 100644
+--- a/psi/zfrsd.c
++++ b/psi/zfrsd.c
+@@ -54,8 +54,7 @@ zrsdparams(i_ctx_t *i_ctx_p)
+ uint i;
+ int code = 0;
+
+- if (ref_stack_count(&o_stack) < 1)
+- return_error(gs_error_stackunderflow);
++ check_op(1);
+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
+ return_error(gs_error_typecheck);
+ }
+diff --git a/psi/zmisc3.c b/psi/zmisc3.c
+index 3f01d39a3..43803b55b 100644
+--- a/psi/zmisc3.c
++++ b/psi/zmisc3.c
+@@ -65,8 +65,7 @@ zeqproc(i_ctx_t *i_ctx_p)
+ ref2_t stack[MAX_DEPTH + 1];
+ ref2_t *top = stack;
+
+- if (ref_stack_count(&o_stack) < 2)
+- return_error(gs_error_stackunderflow);
++ check_op(2);
+ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) {
+ make_false(op - 1);
+ pop(1);
+--
+2.13.0
+
diff --git a/gnu/packages/patches/ghostscript-runpath.patch b/gnu/packages/patches/ghostscript-runpath.patch
index c7dcfd4529..9f161e45b3 100644
--- a/gnu/packages/patches/ghostscript-runpath.patch
+++ b/gnu/packages/patches/ghostscript-runpath.patch
@@ -1,17 +1,18 @@
-This patch adds $(libdir) to the RUNPATH of 'gsc' and 'gsx'.
-
---- gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:45.386957927 +0200
-+++ gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:49.222982359 +0200
-@@ -91,11 +91,11 @@ $(GS_SO_MAJOR): $(GS_SO_MAJOR_MINOR)
+diff --git a/base/unix-dll.mak b/base/unix-dll.mak
+index 9d57a99..36ef1ff 100644
+--- a/base/unix-dll.mak
++++ b/base/unix-dll.mak
+@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS)
# Build the small Ghostscript loaders, with Gtk+ and without
- $(GSSOC_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
+ $(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
$(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \
- -L$(BINDIR) -l$(GS_SO_BASE)
+ -L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir)
- $(GSSOX_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER)
+ $(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS)
$(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \
- -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS)
+ -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir)
- # ------------------------- Recursive make targets ------------------------- #
+ $(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS)
+ $(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE)