From 841a1738f22a23b8117239b3497f69119af16694 Mon Sep 17 00:00:00 2001
From: xuchenchen <xuchenchen@kylinos.cn>
Date: Sun, 28 Apr 2024 17:22:23 +0800
Subject: [PATCH] fix cve-2023-52722

(cherry picked from commit afaea7c4ea7520d4d860bde476bb416060fdbb65)
---
 fix-cve-2023-52722.patch | 39 +++++++++++++++++++++++++++++++++++++++
 ghostscript.spec         | 10 +++++++++-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 fix-cve-2023-52722.patch

diff --git a/fix-cve-2023-52722.patch b/fix-cve-2023-52722.patch
new file mode 100644
index 0000000..57a80cb
--- /dev/null
+++ b/fix-cve-2023-52722.patch
@@ -0,0 +1,39 @@
+From afd7188f74918cb51b5fb89f52b54eb16e8acfd1 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: 2023-09-12 10:46:10 +0100
+Subject: [PATCH] In SAFER (default) don't allow eexec seeds other than the Type 1 standard
+ Type 1 standard
+
+---
+ psi/zmisc1.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/psi/zmisc1.c b/psi/zmisc1.c
+index 3c47e99..81556ac 100644
+--- a/psi/zmisc1.c
++++ b/psi/zmisc1.c
+@@ -93,6 +93,9 @@ zexE(i_ctx_t *i_ctx_p)
+ 
+     if (code < 0)
+         return code;
++    if (gs_is_path_control_active(imemory) != 0 && state.cstate != 55665) {
++        return_error(gs_error_rangecheck);
++    }
+     return filter_write(i_ctx_p, code, &s_exE_template, (stream_state *)&state, 0);
+ }
+ 
+@@ -130,6 +133,11 @@ zexD(i_ctx_t *i_ctx_p)
+     }
+     if (code < 0)
+         return code;
++
++    if (gs_is_path_control_active(imemory) != 0 && state.cstate != 55665) {
++        return_error(gs_error_rangecheck);
++    }
++
+     /*
+      * If we're reading a .PFB file, let the filter know about it,
+      * so it can read recklessly to the end of the binary section.
+-- 
+2.43.0
+
diff --git a/ghostscript.spec b/ghostscript.spec
index 0bfac2c..9e33626 100644
--- a/ghostscript.spec
+++ b/ghostscript.spec
@@ -9,7 +9,7 @@
 
 Name:             ghostscript
 Version:          9.56.1
-Release:          3
+Release:          4
 Summary:          An interpreter for PostScript and PDF files
 License:          AGPLv3+
 URL:              https://ghostscript.com/
@@ -40,6 +40,7 @@ Patch102:  CVE-2023-36664.patch
 # see https://bugs.ghostscript.com/show_bug.cgi?id=701819
 Patch103:  CVE-2023-38559.patch
 Patch104:  backport-CVE-2023-46751.patch
+Patch105:  fix-cve-2023-52722.patch
 
 BuildRequires:    automake gcc
 BuildRequires:    adobe-mappings-cmap-devel adobe-mappings-pdf-devel
@@ -112,6 +113,7 @@ PDF files using Ghostscript and dvips
 %patch102 -p0
 %patch103 -p0
 %patch104 -p1
+%patch105 -p1
 
 # Libraries that we already have packaged(see Build Requirements):
 rm -rf cups/libs freetype ijs jbig2dec jpeg lcms2* libpng openjpeg tiff zlib
@@ -205,6 +207,12 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/
 %{_bindir}/dvipdf
 
 %changelog
+* Sun Apr 28 2024 xuchenchen <xuchenchen@kylinos.cn> - 9.56.1-4 
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DECS: fix CVE-2023-52722
+
 * Mon Dec 25 2023 liningjie <liningjie@xfusion.com> - 9.56.1-3
 - Type:CVE
 - ID:NA
-- 
Gitee