summaryrefslogtreecommitdiff
path: root/app-text/ghostscript-gpl/files/VU332928-githash8e9ce501.patch
diff options
context:
space:
mode:
Diffstat (limited to 'app-text/ghostscript-gpl/files/VU332928-githash8e9ce501.patch')
-rw-r--r--app-text/ghostscript-gpl/files/VU332928-githash8e9ce501.patch49
1 files changed, 0 insertions, 49 deletions
diff --git a/app-text/ghostscript-gpl/files/VU332928-githash8e9ce501.patch b/app-text/ghostscript-gpl/files/VU332928-githash8e9ce501.patch
deleted file mode 100644
index ca6b2272..00000000
--- a/app-text/ghostscript-gpl/files/VU332928-githash8e9ce501.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Thu, 23 Aug 2018 14:42:02 +0000 (+0100)
-Subject: Bug 699665 "memory corruption in aesdecode"
-X-Git-Tag: ghostpdl-9.24rc1~13
-X-Git-Url: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff_plain;h=8e9ce501
-
-Bug 699665 "memory corruption in aesdecode"
-
-The specimen file calls aesdecode without specifying the key to be
-used, though it does manage to do enough work with the PDF interpreter
-routines to get access to aesdecode (which isn't normally available).
-
-This causes us to read uninitialised memory, which can (and often does)
-lead to a segmentation fault.
-
-In this commit we set the key to NULL explicitly during intialisation
-and then check it before we read it. If its NULL we just return.
-
-It seems bizarre that we don't return error codes, we should probably
-look into that at some point, but this prevents the code trying to
-read uninitialised memory.
----
-
-diff --git a/base/aes.c b/base/aes.c
-index a6bce93..e86f000 100644
---- a/base/aes.c
-+++ b/base/aes.c
-@@ -662,6 +662,9 @@ void aes_crypt_ecb( aes_context *ctx,
- }
- #endif
-
-+ if (ctx == NULL || ctx->rk == NULL)
-+ return;
-+
- RK = ctx->rk;
-
- GET_ULONG_LE( X0, input, 0 ); X0 ^= *RK++;
-diff --git a/base/saes.c b/base/saes.c
-index 6db0e8b..307ed74 100644
---- a/base/saes.c
-+++ b/base/saes.c
-@@ -120,6 +120,7 @@ s_aes_process(stream_state * ss, stream_cursor_read * pr,
- gs_throw(gs_error_VMerror, "could not allocate aes context");
- return ERRC;
- }
-+ memset(state->ctx, 0x00, sizeof(aes_context));
- if (state->keylength < 1 || state->keylength > SAES_MAX_KEYLENGTH) {
- gs_throw1(gs_error_rangecheck, "invalid aes key length (%d bytes)",
- state->keylength);