

ref: dd676b5a4fa19fcbe608598e73e3ee6b5bd5ad84
parent: 969116f1277b9a5b96facc7f934ae2119858705a
author: Jacob Moody <moody@posixcafe.org>
date: Mon Apr 17 01:06:24 EDT 2023

gs: patch CVE-2023-28879

https://offsec.almond.consulting/ghostscript-cve-2023-28879.html
https://git.ghostscript.com/?p=ghostpdl.git;h=37ed5022cecd584de868933b5b60da2e995b3179

--- a/sys/src/cmd/gs/src/sbcp.c
+++ b/sys/src/cmd/gs/src/sbcp.c
@@ -51,6 +51,14 @@
 	byte ch = *++p;
 
 	if (ch <= 31 && escaped[ch]) {
+	    /* Make sure we have space to store two characters in the write buffer,
+	     * if we don't then exit without consuming the input character, we'll process
+	     * that on the next time round.
+	     */
+	    if (pw->limit - q < 2) {
+		p--;
+		break;
+	    }
 	    if (p == rlimit) {
 		p--;
 		break;
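Review bot: The added guard `if (pw->limit - q < 2)` depends on two things the comment does not state: that `q` addresses the last byte already written (so `pw->limit - q` is the number of bytes still free), and that an escaped byte always produces exactly two output bytes. Both look right for this filter but are inferred, since the writes through `q` and the loop bound are outside the hunk; I would extend the comment with `q is the last byte written, so pw->limit - q is the free space; an escaped byte emits a prefix byte plus the byte itself`. The early `break` also leaves the input byte unconsumed, so the status returned after the loop (also outside the hunk) has to report that output space is needed rather than that more input is needed, otherwise the caller could stall; that is worth confirming against this vendored copy. The new test and the following `p == rlimit` test have identical bodies and could be one condition, though keeping them separate keeps the file aligned with the upstream fix.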