| Brad Bishop | 1a4b7ee | 2018-12-16 17:11:34 -0800 | [diff] [blame^] | 1 | From 37d7c9117b70e75ebed21c6c8192251f127c0fb0 Mon Sep 17 00:00:00 2001 |
| 2 | From: Nancy Durgin <nancy.durgin@artifex.com> |
| 3 | Date: Mon, 5 Nov 2018 15:36:27 +0800 |
| 4 | Subject: [PATCH 1/2] Undefine some additional internal operators. |
| 5 | |
| 6 | .type, .writecvs, .setSMask, .currentSMask |
| 7 | |
| 8 | These don't seem to be referenced anywhere outside of the initialization code, |
| 9 | which binds their usages. Passes cluster if they are removed. |
| 10 | |
| 11 | CVE: CVE-2018-18073 |
| 12 | Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git] |
| 13 | |
| 14 | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> |
| 15 | --- |
| 16 | Resource/Init/gs_init.ps | 3 ++- |
| 17 | 1 file changed, 2 insertions(+), 1 deletion(-) |
| 18 | |
| 19 | diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps |
| 20 | index f952f32..7c71d18 100644 |
| 21 | --- a/Resource/Init/gs_init.ps |
| 22 | +++ b/Resource/Init/gs_init.ps |
| 23 | @@ -2230,6 +2230,7 @@ SAFER { .setsafeglobal } if |
| 24 | /.localvmarray /.localvmdict /.localvmpackedarray /.localvmstring /.systemvmarray /.systemvmdict /.systemvmpackedarray /.systemvmstring /.systemvmfile /.systemvmlibfile |
| 25 | /.systemvmSFD /.settrapparams /.currentsystemparams /.currentuserparams /.getsystemparam /.getuserparam /.setsystemparams /.setuserparams |
| 26 | /.checkpassword /.locale_to_utf8 /.currentglobal /.gcheck /.imagepath |
| 27 | + /.type /.writecvs /.setSMask /.currentSMask |
| 28 | |
| 29 | % Used by a free user in the Library of Congress. Apparently this is used to |
| 30 | % draw a partial page, which is then filled in by the results of a barcode |
| 31 | @@ -2248,7 +2249,7 @@ SAFER { .setsafeglobal } if |
| 32 | % test files/utilities, or engineers expressed a desire to keep them visible. |
| 33 | % |
| 34 | %/currentdevice /.sort /.buildfont0 /.buildfont1 /.buildfont2 /.buildfont3 /.buildfont4 /.buildfont9 /.buildfont10 /.buildfont11 |
| 35 | - %/.buildfotn32 /.buildfont42 /.type9mapcid /.type11mapcid /.swapcolors |
| 36 | + %/.buildfont32 /.buildfont42 /.type9mapcid /.type11mapcid /.swapcolors |
| 37 | %/currentdevice /.quit /.setuseciecolor /.needinput /.setoverprintmode /.special_op /.dicttomark /.knownget |
| 38 | %/.FAPIavailable /.FAPIpassfont /.FAPIrebuildfont /.FAPIBuildGlyph /.FAPIBuildChar /.FAPIBuildGlyph9 |
| 39 | %/.tempfile /.numicc_components /.set_outputintent /.max /.min /.vmreclaim /.getpath /.setglobal |
| 40 | -- |
| 41 | 2.7.4 |
| 42 | |