| Summary: | .setdistillerkeys memory corruption | ||
|---|---|---|---|
| Product: | Ghostscript | Reporter: | Tavis Ormandy <taviso> |
| Component: | Security (public) | Assignee: | Chris Liddell (chrisl) <chris.liddell> |
| Status: | NOTIFIED DUPLICATE | ||
| Severity: | major | CC: | scorneli |
| Priority: | P2 | ||
| Version: | unspecified | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Customer: | 501,641 | Word Size: | --- |
|
Description
Tavis Ormandy
2018-08-21 19:33:07 UTC
I can't reproduce this with the current code, I get: Error: /typecheck in --setdistillerparams-- Operand stack: --dict:84/84(ro)(G)-- Execution stack: %interp_exit .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- %loop_continue --nostringval-- --nostringval-- false 1 %stopped_push .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- 2017 1 3 %oparray_pop Dictionary stack: --dict:982/1684(ro)(G)-- --dict:0/20(G)-- --dict:78/200(L)-- Current allocation mode is local Last OS error: Resource temporarily unavailable Current file position is 20 (In reply to Chris Liddell (chrisl) from comment #1) > I can't reproduce this with the current code, I get: Oh, scratch that... I can see it. This 'looks like' a duplicate of 695656, at least it crashes in the same place for me. Chris already has a fix for this so I'm going to let him commit that. However, .setdistillerparams shouldn't be available, so I've made a change of my own to address that. It seems that this commit: 971472c83a345a16dac9f90f91258bb22dd77f22 accidentally broke some of the operator hiding code, in the course of making it work with DELAYBIND. It's the same route cause as 699656 and the same fix solves this. *** This bug has been marked as a duplicate of bug 699656 *** |