| Summary: | .definemodifiedfont memory corruption if /typecheck is handled | ||
|---|---|---|---|
| Product: | Ghostscript | Reporter: | Tavis Ormandy <taviso> |
| Component: | General | Assignee: | Chris Liddell (chrisl) <chris.liddell> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | cbuissar, deekej, dr, jsmeix, scorneli, till.kamppeter |
| Priority: | P4 | ||
| Version: | unspecified | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Customer: | Word Size: | --- | |
$ gdb -q --args ./gs -q -sDEVICE=ppmraw -dSAFER Reading symbols from ./gs...done. (gdb) r Starting program: /usr/local/google/home/taviso/projects/ghostscript/ghostscript-9.23/bin/gs -q -sDEVICE=ppmraw -dSAFER [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". GS>errordict /typecheck { (typecheck\n) print } put GS>1 /Foo .definemodifiedfont typecheck ... (lots of output) Program received signal SIGSEGV, Segmentation fault. 0x0000555555c5615e in dstack_find_name_by_index (pds=0x55555702ce40, nidx=1019) at ./psi/idstack.c:187 187 name_index_ref(mem, nidx, &key);