[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-gv] Re: Security issues

From: paul . szabo
Subject: [bug-gv] Re: Security issues
Date: Sun, 30 May 2010 20:02:28 +1000

Bernhard R. Link <address@hidden> wrote:

> 3) Scaning pdf2dsc using pdf2dsc.ps
> Related to 2, there is an other issue: The scanning is done by
> pdf2dsc.ps, which is specified on the command line. As far as I can
> tell, gs looks for files specified as command line arguments in the
> current directory first, even with -P-. So even with -P- this could
> be exploited by adding a pdf2dsc.ps in the current directory (think
> /tmp). I do not know how to fix this best. Perhaps shipping a postscript
> file with gv (thus one has an absolute path) that reads and executes
> the one from the system path?

Is not this a gs issue (as distinct from gv)? My Debian pdf2dsc bits
come from package ghostscript.

Is not it sufficient to modify the /usr/bin/pdf2dsc script to contain an
absolute path for pdf2dsc.ps i.e. to include

    -sPDFname="$pdffile" -sDSCname="$dscfile"\
    /usr/share/ghostscript/8.62/lib/pdf2dsc.ps -c quit

(or somesuch)?


Looking in that /usr/bin/pdf2dsc script, I see:

gs="`dirname $0`/$GS_EXECUTABLE"
if test ! -x "$gs"; then

Should not that last line be
? Even then the script is badly written, should probably be:

gs="`dirname $0`/$GS_EXECUTABLE"
if test -x "$gs"; then


Should either of the above be reported to ghostscript or to Debian?

Cheers, Paul

Paul Szabo   address@hidden   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia

reply via email to

[Prev in Thread] Current Thread [Next in Thread]