Sophie

ghostscript-9.24-1.5.mga6.src.rpm

From 643b24dbd002fb9c131313253c307cf3951b3d47 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Fri, 7 Sep 2018 08:07:12 +0100
Subject: [PATCH] Bug 699718(2): Improve/augment stack size checking

Improve the robustness of the previous solution (previously it could trigger an
error when there *was* stack capacity available).

Remove redundant check: we don't need to check if the *current* stack size is
sufficient, before checking the maximum permitted stack size.

Also check the exec stack, as execstackoverflow can also cause the
Postscript call out to fail.

Lastly, in event of failure, put the LockSafetyParams flag back in the existing
device (this is only necessary because we don't enforce JOBSERVER mode).

Note: the Postscript callout (%grestorepagedevice) never pushes any dictionaries
on the dict stack - if that changes, we should check that stack, too.
---
 psi/zdevice2.c | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/psi/zdevice2.c b/psi/zdevice2.c
index 5447c8c..159a0c0 100644
--- a/psi/zdevice2.c
+++ b/psi/zdevice2.c
@@ -278,8 +278,8 @@ restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate
     }
 
     if (LockSafetyParams && !samepagedevice) {
-        os_ptr op = osp;
-        const int max_ops = 512;
+        const int required_ops = 512;
+        const int required_es = 32;
 
         /* The %grestorepagedevice must complete: the biggest danger
            is operand stack overflow. As we use get/putdeviceparams
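Review bot: `required_es = 32` is declared here with no derivation beside it, and the comment that follows still covers only the operand stack (it calls operand stack overflow "the biggest danger"). Suggest extending that comment to name the exec stack and to say how 32 was arrived at, the way the 512 figure is related to the 424 op stack entries mentioned further down, so both limits can be re-checked if %grestorepagedevice changes.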
@@ -289,9 +289,16 @@ restore_page_device(i_ctx_t *i_ctx_p, const gs_gstate * pgs_old, const gs_gstate
            424 entries on the op stack. Allowing for working stack
            space, and safety margin.....
          */
-        if (max_ops > op - osbot) {
-            if (max_ops >= ref_stack_count(&o_stack))
-               return_error(gs_error_stackoverflow);
+        if (required_ops + ref_stack_count(&o_stack) >= ref_stack_max_count(&o_stack)) {
+           gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
+           return_error(gs_error_stackoverflow);
+        }
+        /* We also want enough exec stack space - 32 is an overestimate of
+           what we need to complete the Postscript call out.
+         */
+        if (required_es + ref_stack_count(&e_stack) >= ref_stack_max_count(&e_stack)) {
+           gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;
+           return_error(gs_error_execstackoverflow);
         }
     }
     /*
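Review bot: both failure branches repeat `gs_currentdevice(pgs_old)->LockSafetyParams = LockSafetyParams;` before returning, so a third stack check added later could easily miss the restore. Suggest deciding the error code from the two checks first and restoring the flag in one place before the `return_error`. The commit message's caveat that the dict stack is left unchecked because the callout pushes no dictionaries is not recorded in the code; a one-line comment beside these checks would keep it visible to whoever next edits %grestorepagedevice. The bodies of the new `if` blocks are also indented three columns where the surrounding lines use four.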
-- 
2.9.1