| Summary: | /invalidfileaccess error on .dsc file produced by pdf2dsc | ||
|---|---|---|---|
| Product: | Ghostscript | Reporter: | Vincent Lefevre <vincent-gs> |
| Component: | PS Interpreter | Assignee: | Default assignee <ghostpdl-bugs> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | chris.liddell |
| Priority: | P2 | ||
| Version: | 10.04.0 | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Customer: | Word Size: | --- | |
| Attachments: | PDF testcase | ||
(In reply to Vincent Lefevre from comment #0) > $ pdf2dsc test.pdf > $ gs test.dsc > GPL Ghostscript 10.04.0 (2024-09-18) > Copyright (C) 2024 Artifex Software, Inc. All rights reserved. > This software is supplied under the GNU AGPLv3 and comes with NO WARRANTY: > see the file COPYING for details. > Error: /invalidfileaccess in --file-- > Operand stack: > (test.pdf) (r) > Execution stack: > %interp_exit .runexec2 --nostringval-- --nostringval-- > --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- > --nostringval-- false 1 %stopped_push 1949 1 3 %oparray_pop > 1948 1 3 %oparray_pop 1933 1 3 %oparray_pop 1803 1 3 > %oparray_pop --nostringval-- %errorexec_pop .runexec2 > --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push > --nostringval-- > Dictionary stack: > --dict:747/1123(ro)(G)-- --dict:0/20(G)-- --dict:90/200(L)-- > Current allocation mode is local > Last OS error: Permission denied > Current file position is 278 > GPL Ghostscript 10.04.0: Unrecoverable error, exit code 1 > > while such a .dsc file is meant to be viewable (as the pdf2dsc(1) man page > says). Note that the test.pdf file is readable. > > The generated test.dsc file: > > %!PS-Adobe-3.0 > %%DocumentMedia: y841.89x595.28 595.28 841.89 70 white () > %%Pages: 1 > %%EndComments > %%BeginProlog > /Page null def > /Page# 0 def > /PDFSave null def > /DSCPageCount 0 def > /DoPDFPage {dup /Page# exch store dup dopdfpages } def > %%EndProlog > %%BeginSetup > (test.pdf) (r) file { DELAYSAFER { .setsafe } if } stopped pop And there's your problem. You have not given Ghostscript permission to read the file. You will need to add --permit-file-read=.... to the command line. Note that this particular file will also only ever work with Ghostscript since it uses Ghostscript-specific PostScript operators to read the PDF file. It is not (IMO) really a DSC-compliant file, and never was. I can solve this by removing the rather pointless utility, I cannot see what use it has. (In reply to Ken Sharp from comment #1) > And there's your problem. You have not given Ghostscript permission to read > the file. You will need to add --permit-file-read=.... to the command line. The issue is that this is not the default. So in real-use cases on such a file, the failure will be there. But... > Note that this particular file will also only ever work with Ghostscript > since it uses Ghostscript-specific PostScript operators to read the PDF > file. It is not (IMO) really a DSC-compliant file, and never was. > > I can solve this by removing the rather pointless utility, I cannot see what > use it has. OK. I don't remember why I used it in the past, probably for testing something. (In reply to Vincent Lefevre from comment #2) > OK. I don't remember why I used it in the past, probably for testing > something. I think I remember: Debian also uses the .dsc extension, so that the files needed to be distinguished by sniffing. So I did some tests... Deleted in commit be0f68e6119879e440c134ae1c2582574e7942bd (In reply to Ken Sharp from comment #1) > (In reply to Vincent Lefevre from comment #0) > > > $ pdf2dsc test.pdf > > $ gs test.dsc > > GPL Ghostscript 10.04.0 (2024-09-18) > > Copyright (C) 2024 Artifex Software, Inc. All rights reserved. > > This software is supplied under the GNU AGPLv3 and comes with NO WARRANTY: > > see the file COPYING for details. > > Error: /invalidfileaccess in --file-- > > Operand stack: > > (test.pdf) (r) > > Execution stack: > > %interp_exit .runexec2 --nostringval-- --nostringval-- > > --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- > > --nostringval-- false 1 %stopped_push 1949 1 3 %oparray_pop > > 1948 1 3 %oparray_pop 1933 1 3 %oparray_pop 1803 1 3 > > %oparray_pop --nostringval-- %errorexec_pop .runexec2 > > --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push > > --nostringval-- > > Dictionary stack: > > --dict:747/1123(ro)(G)-- --dict:0/20(G)-- --dict:90/200(L)-- > > Current allocation mode is local > > Last OS error: Permission denied > > Current file position is 278 > > GPL Ghostscript 10.04.0: Unrecoverable error, exit code 1 > > > > while such a .dsc file is meant to be viewable (as the pdf2dsc(1) man page > > says). Note that the test.pdf file is readable. > > > > The generated test.dsc file: > > > > %!PS-Adobe-3.0 > > %%DocumentMedia: y841.89x595.28 595.28 841.89 70 white () > > %%Pages: 1 > > %%EndComments > > %%BeginProlog > > /Page null def > > /Page# 0 def > > /PDFSave null def > > /DSCPageCount 0 def > > /DoPDFPage {dup /Page# exch store dup dopdfpages } def > > %%EndProlog > > %%BeginSetup > > (test.pdf) (r) file { DELAYSAFER { .setsafe } if } stopped pop > > And there's your problem. You have not given Ghostscript permission to read > the file. You will need to add --permit-file-read=.... to the command line. > > Note that this particular file will also only ever work with Ghostscript > since it uses Ghostscript-specific PostScript operators to read the PDF > file. It is not (IMO) really a DSC-compliant file, and never was. > > I can solve this by removing the rather pointless utility, I cannot see what > use it has. I was/is used by gv. (In reply to Chris Liddell (chrisl) from comment #5) > I was/is used by gv. Well.... Either nobody is using it that way, or they are all using -dNOSAFER or supplying --permit-file-read with gv. I can put it back, obviously (and leave the bug report closed, since it would clearly work for the intended purpose) if anyone complains. Or perhaps someone should just update gv. (In reply to Ken Sharp from comment #6) > (In reply to Chris Liddell (chrisl) from comment #5) > > > I was/is used by gv. > > Well.... Either nobody is using it that way, or they are all using -dNOSAFER > or supplying --permit-file-read with gv. gv seems to use pdf2dsc.ps only, not the pdf2dsc utility directly: src/Makefile.am contains: @echo "GV.gsCmdScanPDF: gs -dNODISPLAY -dQUIET -sPDFname=%s -sDSCname=%s %s pdf2dsc.ps -c quit" >> gv_intern_res_unix.dat (In reply to Vincent Lefevre from comment #7) > > Well.... Either nobody is using it that way, or they are all using -dNOSAFER > > or supplying --permit-file-read with gv. > > gv seems to use pdf2dsc.ps only, not the pdf2dsc utility directly: > > src/Makefile.am contains: > > @echo "GV.gsCmdScanPDF: gs -dNODISPLAY -dQUIET -sPDFname=%s -sDSCname=%s %s > pdf2dsc.ps -c quit" >> gv_intern_res_unix.dat It would still have the same problem; the SAFER code would mean that Ghostscript will throw an invalidaccess error reading the output file, in the case above 'gv_intern_res_unix.dat, I think). Unless gv uses -dNOSAFER or --permit-file-read=<path to PDFname> to read the output file. Since gv hasn't apparently been updated for 12 years there's no possible way it's using --permit-file-read; it could be using -dNOSAFER, but I kind of doubt that it is. So I'm still inclined to wait and see if anyone even notices. (In reply to Ken Sharp from comment #8) > (In reply to Vincent Lefevre from comment #7) > > gv seems to use pdf2dsc.ps only, not the pdf2dsc utility directly: > > > > src/Makefile.am contains: > > > > @echo "GV.gsCmdScanPDF: gs -dNODISPLAY -dQUIET -sPDFname=%s -sDSCname=%s %s > > pdf2dsc.ps -c quit" >> gv_intern_res_unix.dat > > It would still have the same problem; the SAFER code would mean that > Ghostscript will throw an invalidaccess error reading the output file, in > the case above 'gv_intern_res_unix.dat, I think). I suspect that it is gv that reads the produced DSC file to get the structure, without interpreting the PostScript code. But is the produced file well specified? BTW, I'm wondering whether pdf2dsc.ps should be moved to the gv code, so that gv has full control of what it does. (In reply to Vincent Lefevre from comment #9) > BTW, I'm wondering whether pdf2dsc.ps should be moved to the gv code, so > that gv has full control of what it does. Well, there would be a possibly issue with the license... (In reply to Vincent Lefevre from comment #10) > (In reply to Vincent Lefevre from comment #9) > > BTW, I'm wondering whether pdf2dsc.ps should be moved to the gv code, so > > that gv has full control of what it does. > > Well, there would be a possibly issue with the license... Not to mention, with no commits for 11 years, I doubt there's an active maintainer for gv. |
Created attachment 26385 [details] PDF testcase With Ghostscript 10.04.0 (Debian package ghostscript 10.04.0~dfsg-2+b1) and the attached test.pdf file: $ pdf2dsc test.pdf $ gs test.dsc GPL Ghostscript 10.04.0 (2024-09-18) Copyright (C) 2024 Artifex Software, Inc. All rights reserved. This software is supplied under the GNU AGPLv3 and comes with NO WARRANTY: see the file COPYING for details. Error: /invalidfileaccess in --file-- Operand stack: (test.pdf) (r) Execution stack: %interp_exit .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- --nostringval-- false 1 %stopped_push 1949 1 3 %oparray_pop 1948 1 3 %oparray_pop 1933 1 3 %oparray_pop 1803 1 3 %oparray_pop --nostringval-- %errorexec_pop .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- Dictionary stack: --dict:747/1123(ro)(G)-- --dict:0/20(G)-- --dict:90/200(L)-- Current allocation mode is local Last OS error: Permission denied Current file position is 278 GPL Ghostscript 10.04.0: Unrecoverable error, exit code 1 while such a .dsc file is meant to be viewable (as the pdf2dsc(1) man page says). Note that the test.pdf file is readable. The generated test.dsc file: %!PS-Adobe-3.0 %%DocumentMedia: y841.89x595.28 595.28 841.89 70 white () %%Pages: 1 %%EndComments %%BeginProlog /Page null def /Page# 0 def /PDFSave null def /DSCPageCount 0 def /DoPDFPage {dup /Page# exch store dup dopdfpages } def %%EndProlog %%BeginSetup (test.pdf) (r) file { DELAYSAFER { .setsafe } if } stopped pop runpdfbegin process_trailer_attrs %%EndSetup %%Page: 1 1 %%PageMedia: y841.89x595.28 1 DoPDFPage %%Trailer runpdfend %%EOF