--- /dev/null
+From 5d2da96e81c7455338302c71a291088a8396245a Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Mon, 16 Oct 2023 16:49:40 +0100
+Subject: [PATCH] Bug 707264: Fix tiffsep(1) requirement for seekable output
+ files
+
+In the device initialization redesign, tiffsep and tiffsep1 lost the requirement
+for the output files to be seekable.
+
+Fixing that highlighted a problem with the error handling in
+gdev_prn_open_printer_seekable() where closing the erroring file would leave a
+dangling pointer, and lead to a crash.
+
+Upstream-Status: Backport [https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5d2da96e81c7455338302c71a291088a8396245a]
+CVE: CVE-2023-46751
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ base/gdevprn.c | 1 +
+ devices/gdevtsep.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+--- a/base/gdevprn.c
++++ b/base/gdevprn.c
+@@ -1251,6 +1251,7 @@ gdev_prn_open_printer_seekable(gx_device
+ && !IS_LIBCTX_STDERR(pdev->memory, gp_get_file(ppdev->file))) {
+
+ code = gx_device_close_output_file(pdev, ppdev->fname, ppdev->file);
++ ppdev->file = NULL;
+ if (code < 0)
+ return code;
+ }
+--- a/devices/gdevtsep.c
++++ b/devices/gdevtsep.c
+@@ -738,6 +738,7 @@ tiffsep_initialize_device_procs(gx_devic
+ {
+ gdev_prn_initialize_device_procs(dev);
+
++ set_dev_proc(dev, output_page, gdev_prn_output_page_seekable);
+ set_dev_proc(dev, open_device, tiffsep_prn_open);
+ set_dev_proc(dev, close_device, tiffsep_prn_close);
+ set_dev_proc(dev, map_color_rgb, tiffsep_decode_color);
projects / thirdparty / openembedded / openembedded-core.git / commitdiff
