e97353cf79
pstopnm called the ghostscript interpreter on potentially untrusted PostScript without specifying the -dSAFER option. Not running under -dSAFER allows PostScript code to do file IO and to open pipes to arbitrary external programs, including /bin/sh. Originally reported by Max Vozeler/Debian Linux; ok brad@
13 lines
490 B
Plaintext
13 lines
490 B
Plaintext
$OpenBSD: patch-pnm_pstopnm_c,v 1.1 2005/08/11 15:54:46 naddy Exp $
|
|
--- pnm/pstopnm.c.orig Thu Aug 11 16:40:29 2005
|
|
+++ pnm/pstopnm.c Thu Aug 11 16:40:52 2005
|
|
@@ -478,7 +478,7 @@ execute_ghostscript(const char pstrans[]
|
|
|
|
sprintf(ghostscript_command,
|
|
"gs -sDEVICE='%s' -sOutputFile='%s' -g'%dx%d' -r'%dx%d' "
|
|
- "-q -dNOPAUSE -",
|
|
+ "-q -dNOPAUSE -dSAFER -",
|
|
ghostscript_device, outfile_arg,
|
|
xsize, ysize, xres, yres);
|
|
|