openkylin
/
ghostscript
mirror of https://gitee.com/openkylin/ghostscript.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

!52 CVE-2020-21710 安全更新:gdevepsn.c 的 eps_print_page 中发现问题可能导致拒绝服务 

Merge pull request !52 from ppi/openkylin/yangtze
This commit is contained in:
赵玉彪 2024-01-04 08:07:49 +00:00 committed by Gitee
parent ee31ba1296 8ee4952b55
commit b2f43e60a4
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
devices/gdevepsn.c
View File

@ -159,10 +159,10 @@ eps_print_page(gx_device_printer *pdev, gp_file *prn_stream, int y_9pin_high,
int line_size = gdev_mem_bytes_per_scan_line((gx_device *)pdev);
/* Note that in_size is a multiple of 8. */
int in_size = line_size * (8 * in_y_mult);
byte *buf1 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf1)");
byte *buf2 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf2)");
byte *in = buf1;
byte *out = buf2;
byte *buf1;
byte *buf2;
byte *in;
byte *out;
int out_y_mult = (y_24pin ? 3 : 1);
int x_dpi = (int)pdev->x_pixels_per_inch;
char start_graphics =
@ -174,6 +174,17 @@ eps_print_page(gx_device_printer *pdev, gp_file *prn_stream, int y_9pin_high,
int bytes_per_space = dots_per_space * out_y_mult;
int tab_min_pixels = x_dpi * MIN_TAB_10THS / 10;
int skip = 0, lnum = 0, pass, ypass;
if (bytes_per_space == 0) {
/* This avoids divide by zero later on, bug 701843. */
return_error(gs_error_rangecheck);
}
buf1 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf1)");
buf2 = (byte *)gs_malloc(pdev->memory, in_size, 1, "eps_print_page(buf2)");
in = buf1;
out = buf2;
/* Check allocations */
if ( buf1 == 0 || buf2 == 0 )