Submitted By: Randy McMurchy Date: 2008-03-24 Initial Package Version: 8.15.4 Upstream Status: In GPL Ghostscript SVN Origin: http://bugs.gentoo.org/attachment.cgi?id=143467 Description: Fixes a buffer overflow vulnerability diff -Naur espgs-8.15.4-orig/src/zicc.c espgs-8.15.4/src/zicc.c --- espgs-8.15.4-orig/src/zicc.c 2005-01-19 04:08:41.000000000 +0000 +++ espgs-8.15.4/src/zicc.c 2008-03-25 03:56:08.000000000 +0000 @@ -80,6 +80,9 @@ dict_find_string(op, "N", &pnval); ncomps = pnval->value.intval; + if (2*ncomps > sizeof(range_buff)/sizeof(float)) + return_error(e_rangecheck); + /* verify the DataSource entry */ if (dict_find_string(op, "DataSource", &pstrmval) <= 0) return_error(e_undefined);