Summary: | Regression: Error: /nocurrentpoint in --currentpoint-- (Regression since fb713b3818b52d8a6cf62c951eba2e1795ff9624/9.25rc1) | ||
---|---|---|---|
Product: | Ghostscript | Reporter: | Salvatore Bonaccorso <carnil> |
Component: | Regression | Assignee: | Chris Liddell (chrisl) <chris.liddell> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | P4 | ||
Version: | 9.25 | ||
Hardware: | PC | ||
OS: | Linux | ||
URL: | https://bugs.debian.org/909929 | ||
Customer: | Word Size: | --- | |
Attachments: | PostScript document text conforming DSC level 2.0, type EPS triggering regression |
Description
Salvatore Bonaccorso
2018-09-30 06:34:33 UTC
By coincidence this had already turned up in our local testing and I was going to look into it. I can see what the problem is, and it is one we had anticipated as a result of this change. I'll consult with the other developers but I suspect the answer is 'sorry, that's how it works now, don't use -dSAFER' Essentially the use of SAFER breaks Ghostscript's conformance with the language specification. It has to, the PostScript language is a complete programming language, and so permits things like unrestricted access to the file system. We recently increased the scope of SAFER in order to prevent malicious code from being able to disable SAFER. This means that we are a little less in compliance with the language than we were before (which is one reason we've been reluctant to do this), but it does further secure the use of Ghostscript. We anticipate adding some granularity to the way that SAFER works, partly as the result of a request by Johannes Meixner at SuSE. When that gets implemented it will be possible to reduce the safety of SAFER and permit this particular feature of the language (replaceable error handlers). Obviously this will reduce the security. I'm leaving this open for now, and assigning to Chris as he's planning to implement it. I forgot to say thanks for your efforts in bisecting the commit, that really helped isolate the problem and saved me a tedious task, much appreciated! Fixed in: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=1778db6bc10 This makes the "hiding" of the error handlers an explicit option that is not tied to SAFER. |