Bug 697193 - status should check PermitFileReading
status should check PermitFileReading
Status: RESOLVED FIXED
Product: Ghostscript
Classification: Unclassified
Component: General
9.20
PC Linux
: P4 minor
Assigned To: Chris Liddell (chrisl)
Bug traffic
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-10-05 08:54 UTC by Tavis Ormandy
Modified: 2016-10-08 09:14 UTC (History)
1 user (show)

See Also:
Customer:
Word Size: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tavis Ormandy 2016-10-05 08:54:51 UTC
status doesn't require the filename to match PermitFileReading, I think this is a minor -dSAFER bug because it can leak the existence and size of filenames.
Comment 1 Chris Liddell (chrisl) 2016-10-08 09:14:42 UTC
Fixed in:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b60d50b7