699659 – missing type check in ztype

Bug 699659 - missing type check in ztype

Summary: missing type check in ztype

Status:	NOTIFIED FIXED

Alias:	None

Product:	Ghostscript
Classification:	Unclassified
Component:	General (show other bugs)
Version:	unspecified
Hardware:	PC Linux

Importance:	P2 critical
Assignee:	Chris Liddell (chrisl)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-08-21 18:22 UTC by Tavis Ormandy
Modified:	2018-12-18 11:36 UTC (History)
CC List:	6 users (show)

See Also:
Customer:	501,641
Word Size:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tavis Ormandy 2018-08-21 18:22:19 UTC

No type checking ztype, just have to pass the range check.

$ ./gs -q -sDEVICE=ppmraw -dSAFER 
GS>null [[][][][][][][][][][][][][][][]] .type
Segmentation fault

Comment 1 Chris Liddell (chrisl) 2018-08-23 11:44:14 UTC

Fixed in:

http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0edd3d6c63

Format For Printing
- XML
- Clone This Bug
- Top of page