author | Robert Scott <code@humanleg.org.uk> | 2015-08-01 19:43:55 +0100 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2015-08-02 09:40:05 +0200 |
commit | 179cdbc62cff2ca316b3dd4f64b55f3a4c1f7906 (patch) | |
tree | d71e6e435e933acf49ac3b149b4b478a2f3e9aad | |
parent | aefc8b3ddf3de7859d9700967fa89dda5c2929a6 (diff) | |
ghostscript: add patch fixing CVE-2015-3228 (from debian)
-rw-r--r-- | pkgs/misc/ghostscript/CVE-2015-3228.patch | 20 | ||||
-rw-r--r-- | pkgs/misc/ghostscript/default.nix | 6 |
2 files changed, 25 insertions, 1 deletions
diff --git a/pkgs/misc/ghostscript/CVE-2015-3228.patch b/pkgs/misc/ghostscript/CVE-2015-3228.patch
new file mode 100644
index 000000000000..7be18b0a7302
--- /dev/null
+++ b/pkgs/misc/ghostscript/CVE-2015-3228.patch
@@ -0,0 +1,20 @@
+Description: Sanity check for memory allocation.
+ In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the
+ variable holding the actual number of bytes we allocate.
+Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0c0b085
+Author: Chris Liddell <chris.liddell@artifex.com>
+Forwarded: yes
+Bug-Debian: http://bugs.debian.org/793489
+Last-Update: 2015-07-26
+
+--- a/base/gsmalloc.c
++++ b/base/gsmalloc.c
+@@ -178,7 +178,7 @@
+ } else {
+ uint added = size + sizeof(gs_malloc_block_t);
+
+- if (mmem->limit - added < mmem->used)
++ if (added <= size || mmem->limit - added < mmem->used)
+ set_msg("exceeded limit");
+ else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
+ set_msg("failed");
diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix
index 11f816dbb972..820e5f3cffe6 100644
--- a/pkgs/misc/ghostscript/default.nix
+++ b/pkgs/misc/ghostscript/default.nix
@@ -40,7 +40,11 @@ stdenv.mkDerivation rec {
 # [] # maybe sometimes jpeg2000 support ;
- patches = [ ./urw-font-files.patch ];
+ patches = [
+ ./urw-font-files.patch
+ # fetched from debian's ghostscript 9.15_dfsg-1 (called 020150707~0c0b085.patch there)
+ ./CVE-2015-3228.patch
+ ];
 makeFlags = [ "cups_serverroot=$(out)" "cups_serverbin=$(out)/lib/cups" ]; |
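Review bot: The new `added <= size` test in the gsmalloc.c hunk is an unsigned-wraparound check, but the code itself does not say so, and it is only sound while both operands are unsigned: `added` is declared `uint` here, whereas the declaration of `size` and the branch that precedes `} else {` are outside the hunk and should be confirmed. The overflow case also reuses `set_msg("exceeded limit")`, so a wrapped request cannot be told apart from ordinary exhaustion by its message. A one-line comment above the condition would carry the intent, for example `/* added <= size: size + sizeof(gs_malloc_block_t) wrapped around */`. Since the file is copied from Debian, that wording is better offered upstream than applied as a local divergence.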
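Review bot: The comment added to `patches` in default.nix records the Debian package version and file name but gives no removal condition, so the patch can easily outlive the ghostscript release that already contains the fix. The upstream commit is named only in abbreviated form, `0c0b085`, in the patch's `Origin:` line, which points at a plain `http://` URL; whoever next bumps the version needs that reference next to the list entry. I would extend the comment to something like `# upstream commit 0c0b085 (see Origin: in the patch); drop once the packaged ghostscript includes it`. The derivation's version attribute is outside the hunk, so whether the packaged source matches Debian's 9.15 cannot be checked from here.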