diff options
author | Chris Liddell <chris.liddell@artifex.com> | 2018-09-03 08:34:25 +0100 |
---|---|---|
committer | Chris Liddell <chris.liddell@artifex.com> | 2018-09-03 08:34:25 +0100 |
commit | ae222d8aa93783ba542b8ba91d62a1e107650563 (patch) | |
tree | bd3c6aa33acd48d105c878c9c3c209e69651b2f2 | |
parent | 07da47959687c1e6a112ad746929ef66e82b5aa9 (diff) | |
download | ghostpdl-ae222d8aa93783ba542b8ba91d62a1e107650563.tar.gz |
Update changelog... again
-rw-r--r-- | doc/History9.htm | 130 |
1 files changed, 130 insertions, 0 deletions
diff --git a/doc/History9.htm b/doc/History9.htm index 21e330cee..60037144b 100644 --- a/doc/History9.htm +++ b/doc/History9.htm @@ -166,6 +166,136 @@ please visit <a href="http://bugs.ghostscript.com/">bugs.ghostscript.com</a>. </li> </ul> <h3><a name="9.24_changelog"></a>Changelog</h3> +<p><strong>2018-09-01 17:50:05 +0100 +</strong> +<br>Chris Liddell <chris.liddell@artifex.com><br> +<a href="http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=07da47959687c1e6a112ad746929ef66e82b5aa9">07da47959687c1e6a112ad746929ef66e82b5aa9</a> +<blockquote> +<p> + Bug 699658(related): Move recording of temp file names into C<br> +<br> + When we successfully create a temporary file from Postscript, either doing so<br> + when SAFER is not in force, or when SAFER is in force, and creating it in<br> + a write permitted directory, we record the file name so we can later delete<br> + the file, even is SAFER has been engaged, or if the PermitWriting list has<br> + changed to no longer the directory in question.<br> +<br> + Previously the recording of the name was done in Postscript, even though the<br> + checking was done in C.<br> +<br> + This moves the recording of the names to C, meaning we can remove the Postscript<br> + redefinitions of .tempfile and deletfile, and make the dictionary in question<br> + noaccess.<br> +<br> + Also, tidy up the adding of the temporary file directory to the list of<br> + permitted directories, and include the list in all of the categories<br> + (PermitFileWriting, PermitFileReading and PermitFileControl) - it was only<br> + previously adding to writing.<br> +<br> +Resource/Init/gs_init.ps<br> +psi/int.mak<br> +psi/zfile.c<br> +<p> +</blockquote> +<hr> +<p><strong>2018-08-31 15:57:55 +0100 +</strong> +<br>Chris Liddell <chris.liddell@artifex.com><br> +<a href="http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d8cfd2e7e1000f644afcaca2f196cb6d494049b8">d8cfd2e7e1000f644afcaca2f196cb6d494049b8</a> +<blockquote> +<p> + Bug 699693: Fix FAPI handling of multibyte Unicode code point<br> +<br> + The original code worked for one byte code points, and for the case there the<br> + original character code and Unicode value both had the same number of bytes,<br> + but was totally wrong if the the two were different.<br> +<br> +psi/zfapi.c<br> +<p> +</blockquote> +<hr> +<p><strong>2018-09-01 11:28:06 +0100 +</strong> +<br>Ken Sharp <ken.sharp@artifex.com><br> +<a href="http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a5993c537ae035b2396da5189fd985006627a478">a5993c537ae035b2396da5189fd985006627a478</a> +<blockquote> +<p> + Bug #699687 "grestore can bypass SAFER"<br> +<br> + The code in z2grestore (part of the level 2 restore machinery) in<br> + ghostpdl/psi/zdevice2.c sets the device's LockSafetyParams to false, and<br> + according to the comments there relies on putdeviceparams setting<br> + the flag back when the old device is re-instated.<br> +<br> + However, if we have corrupted any part of the device's content, then<br> + its possible to exit putdeviceparams, in one place only, without<br> + setting LockSafetyParams. Here we simply add an explicit reset of the<br> + value even in the case of an error setting the new device.<br> +<br> +base/gsdparam.c<br> +<p> +</blockquote> +<hr> +<p><strong>2018-09-01 09:28:08 +0100 +</strong> +<br>Ken Sharp <ken.sharp@artifex.com><br> +<a href="http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=21b27dc55b493564006c91326a5ddc636cf88563">21b27dc55b493564006c91326a5ddc636cf88563</a> +<blockquote> +<p> + Bug 699677 ".bindnow still causing side effects"<br> +<br> + In fact, its nothing to do with .bindnow. That simply modifies the exec<br> + stack in a way which makes the problem exhibit.<br> +<br> + setcustomcolor should really check its operands. because it doens't, it<br> + creates a tint transform function which tries to mulitply a number by<br> + (in this case) a name. This throws an error of course.<br> +<br> + The problem is that the code to sample the tint transform function<br> + didn't deal properly with the case where the PostScript function throws<br> + an error. In that case it properly exits the code which executes the<br> + function, but it fails to unwind the exec stack.<br> +<br> + This leads to use trying to complete the function, using the enumerator,<br> + which has been stored on the exec stack. Because we didn't clean up the<br> + exec stack, what we retrieve isn't an enumerator. This causes us to try<br> + to access invalid memory and can result in a crash.<br> +<br> + So, several steps. Firstly have the sampling code properly handle the<br> + error and restore the exec stack. Secondly, have the setcolorspace code<br> + be prepared to accept a NULL returned from the sampling code and treat<br> + that as an error (and also fix a similar exec stack problem in the<br> + setcolorspace code). Finally; have setcustomcolor validate its operands.<br> +<br> +Resource/Init/gs_lev2.ps<br> +psi/zcolor.c<br> +psi/zfsample.c<br> +<p> +</blockquote> +<hr> +<p><strong>2018-08-29 09:30:19 -0700 +</strong> +<br>Ray Johnston <ray.johnston@artifex.com><br> +<a href="http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=91d6bc4d3e3865388ede3bcd4e84bbb8787b78e4">91d6bc4d3e3865388ede3bcd4e84bbb8787b78e4</a> +<blockquote> +<p> + Fix for security issues found during internal security audit<br> +<br> + While most of the invocations of .forceput and related operators were<br> + "protected" by being within "executeonly" procedures, several had crept<br> + in that did not make sure that the operator was hidden in a procedure<br> + that could not be read.<br> +<br> +Resource/Init/gs_dps.ps<br> +Resource/Init/gs_fntem.ps<br> +Resource/Init/gs_init.ps<br> +Resource/Init/gs_lev2.ps<br> +Resource/Init/gs_pdfwr.ps<br> +Resource/Init/gs_setpd.ps<br> +Resource/Init/gs_typ32.ps<br> +<p> +</blockquote> +<hr> <p><strong>2018-08-30 15:07:33 +0100 </strong> <br>Chris Liddell <chris.liddell@artifex.com><br> |