Bug 693380

Summary: GS errors out when proccessing pdf with long path
Product: Ghostscript Reporter: Till Kamppeter <till.kamppeter>
Component: GeneralAssignee: Chris Liddell (chrisl) <chris.liddell>
Status: RESOLVED FIXED    
Severity: normal CC: basil.semuonov, henry.stiles, konrad.blawat
Priority: P2    
Version: 9.06   
Hardware: PC   
OS: Linux   
Customer: Word Size: ---

Description Till Kamppeter 2012-10-12 10:13:47 UTC 
Cited from original bug report

https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/1065845

---------
gs chares while processing pdf by it's full path.

versions 8.71, 9.05 and 9.06 (pre-release freeze) are affected by this bug.

Expected: split first slide from pdf.

Example:
ghostscript -sDEVICE=pdfwrite -dNOPAUSE -dQUIET -dBATCH -dFirstPage=1 -dLastPage=1 -sOutputFile=/var/onlinestudios/recording/process/presentation/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/temp/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/presentation/MeeGo_1_2_Harmattan_Applications_Nokia_Store_Entry_Requirements_v1_1_en/slide-1.pdf /etc/onlinestudios/nopdfmark.ps /var/onlinestudios/recording/process/presentation/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/temp/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/presentation/MeeGo_1_2_Harmattan_Applications_Nokia_Store_Entry_Requirements_v1_1_en/MeeGo_1_2_Harmattan_Applications_Nokia_Store_Entry_Requirements_v1_1_en.pdf

crashes with "Unrecoverable error: rangecheck in .putdeviceprops"

And this works as expected:
ghostscript -sDEVICE=pdfwrite -dNOPAUSE -dQUIET -dBATCH -dFirstPage=1 -dLastPage=1 -sOutputFile=./presentation/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/temp/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/presentation/MeeGo_1_2_Harmattan_Applications_Nokia_Store_Entry_Requirements_v1_1_en/slide-1.pdf /etc/onlinestudios/nopdfmark.ps ./presentation/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/temp/0bc06fff1cb99393f3e306002e9e544ff8510040-1349810405174/presentation/MeeGo_1_2_Harmattan_Applications_Nokia_Store_Entry_Requirements_v1_1_en/MeeGo_1_2_Harmattan_Applications_Nokia_Store_Entry_Requirements_v1_1_en.pdf

Note: in second case long paths became shorter and current dir is /var/onlinestudios/recording/process.

My file nopdfmark.ps consists the followinf lines:
%!
/pdfmark {cleartomark} bind def

Additional information:

lsb_release -rd
Description: Ubuntu 12.04.1 LTS
Release: 12.04
----------
Comment 1 Basil Semuonov 2012-10-15 09:44:25 UTC 
The problem is actually in processing "-sOutputFile" command line parameter.

File ./base/gsparam2.c contains a define:

#define MAX_PARAM_KEY 255

so if length of path -sOutputFile > MAX_PARAM_KEY security check performed:
gsparam2.c:73
---
char string_key[MAX_PARAM_KEY + 1];

if (sizeof(string_key) < key.size + 1) {
   code = gs_note_error(gs_error_rangecheck);
   break;
}
---

Seems not a bug, but a strong restriction for input arguments, and "magic" numbers in code.
Comment 2 Marcos H. Woehrmann 2013-05-28 16:18:21 UTC 
*** Bug 694076 has been marked as a duplicate of this bug. ***
Comment 3 Chris Liddell (chrisl) 2014-03-13 04:23:27 UTC 
I'm hopeful that this is fixed with:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=fe0b8fcf

but it's possible there are areas of the code which make assumptions....
Comment 4 Basil Semuonov 2014-03-13 04:31:15 UTC 
(In reply to comment #3)
> I'm hopeful that this is fixed with:
Length is fixed, but patch is incorrect and contain error at gs/base/gsparam2.c
type of 'string_key' changed from 'char[MAX_PARAM_KEY + 1]' to 'char *'
and condition checks 'sizeof(string_key)' which leads to wrong behaviour.