1243784 – ghostscript not checking for icc_profile errors (in initialization)

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1243784 - ghostscript not checking for icc_profile errors (in initialization)

Summary: ghostscript not checking for icc_profile errors (in initialization)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ghostscript
Sub Component:
Version:	7.2
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	David Kaspar // Dee'Kej
QA Contact:	QE Internationalization Bugs
Docs Contact:
URL:
Whiteboard:
Duplicates (6):	1252103 1269126 1270236 1297828 1317949 1334445 (view as bug list)
Depends On:	1250914
Blocks:	1289025 1291483 1305230
TreeView+	depends on / blocked

Reported:	2015-07-16 10:01 UTC by Martin Cermak
Modified:	2016-11-04 08:28 UTC (History)
CC List:	17 users (show)
Fixed In Version:	ghostscript-9.07-19.el7
Doc Type:	Bug Fix
Doc Text:	NO_DOCS
Clone Of:
Environment:
Last Closed:	2016-11-04 08:28:22 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
xz'd reproducer file (135.11 KB, application/x-xz) 2015-07-16 10:01 UTC, Martin Cermak	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2016:2550	0	normal	SHIPPED_LIVE	ghostscript bug fix update	2016-11-03 14:20:31 UTC

Description Martin Cermak 2015-07-16 10:01:09 UTC

Created attachment 1052631 [details]
xz'd reproducer file

This is ppc64le specific: Following segfault makes systemtap fail to build it's documentation (FTBFS in brew as well):

=======
 7.2 S ppc64le # gdb -q -args /usr/bin/gs -P- -dSAFER -dCompatibilityLevel=1.4 -q -P- -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sstdout=%stderr -sOutputFile=tutorial.pdf -P- -dSAFER -dCompatibilityLevel=1.4 -c .setpdfwrite -f tutorial.ps
Reading symbols from /usr/bin/gs...Reading symbols from /usr/lib/debug/usr/bin/gs.debug...done.
done.
(gdb) r
Starting program: /usr/bin/gs -P- -dSAFER -dCompatibilityLevel=1.4 -q -P- -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sstdout=%stderr -sOutputFile=tutorial.pdf -P- -dSAFER -dCompatibilityLevel=1.4 -c .setpdfwrite -f tutorial.ps
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/power8/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
cmsGetColorSpace (hProfile=0x0) at cmsio0.c:901
901     }
(gdb) bt
#0  cmsGetColorSpace (hProfile=0x0) at cmsio0.c:901
#1  0x00003fffb76db818 in gscms_get_input_channel_count (profile=<optimized out>) at base/gsicc_lcms2.c:110
#2  0x00003fffb76d757c in gsicc_set_device_profile (pdev=0x100de3c8, mem=0x10031f78, file_name=<optimized out>, pro_enum=<optimized out>) at base/gsicc_manage.c:1553
#3  0x00003fffb76d792c in gsicc_init_device_profile_struct (dev=0x100de3c8, profile_name=0x1038ce40 "default_rgb.icc", profile_type=<optimized out>) at base/gsicc_manage.c:1477
#4  0x00003fffb7897bf0 in gs_setdevice_no_erase (pgs=0x10066aa8, dev=0x100de3c8) at base/gsdevice.c:472
#5  0x00003fffb76472b0 in zsetdevice (i_ctx_p=0x100828b8) at psi/zdevice.c:467
#6  0x00003fffb7607dd8 in interp (pi_ctx_p=0x100304a8, pref=<optimized out>, perror_object=0x3fffffffd808) at psi/interp.c:1552
#7  0x00003fffb760877c in gs_call_interp (perror_object=0x3fffffffd808, pexit_code=0x3fffffffd804, user_errors=<optimized out>, pref=<optimized out>, pi_ctx_p=0x100304a8) at psi/interp.c:501
#8  gs_interpret (pi_ctx_p=0x100304a8, pref=<optimized out>, user_errors=<optimized out>, pexit_code=0x3fffffffd804, perror_object=0x3fffffffd808) at psi/interp.c:459
#9  0x00003fffb75f8d04 in gs_main_interpret (perror_object=0x3fffffffd808, pexit_code=0x3fffffffd804, user_errors=<optimized out>, pref=0x3fffffffd220, minst=0x10030410) at psi/imain.c:235
#10 gs_run_init_file (minst=0x10030410, pexit_code=0x3fffffffd804, perror_object=0x3fffffffd808) at psi/imain.c:540
#11 0x00003fffb75f93f0 in gs_main_init2aux (minst=0x10030410) at psi/imain.c:277
#12 0x00003fffb75f9c58 in gs_main_init2 (minst=0x10030410) at psi/imain.c:310
#13 0x00003fffb75fbab8 in swproc (minst=<optimized out>, arg=0x3ffffffff3f8 "", pal=<optimized out>) at psi/imainarg.c:374
#14 0x00003fffb75fd438 in gs_main_init_with_args (minst=0x10030410, argc=<optimized out>, argv=0x3fffffffef88) at psi/imainarg.c:211
#15 0x00003fffb75fe8ac in gsapi_init_with_args (lib=<optimized out>, argc=<optimized out>, argv=<optimized out>) at psi/iapi.c:180
#16 0x0000000010000ac8 in main (argc=<optimized out>, argv=0x3fffffffef88) at psi/dxmainc.c:86
=======

Comment 1 Dan Horák 2015-12-07 16:06:24 UTC

maybe related to bug 1250914

Comment 5 David Kaspar // Dee'Kej 2016-01-05 16:46:55 UTC

*** Bug 1270236 has been marked as a duplicate of this bug. ***

Comment 6 David Kaspar // Dee'Kej 2016-01-06 17:18:35 UTC

*** Bug 1252103 has been marked as a duplicate of this bug. ***

Comment 7 David Kaspar // Dee'Kej 2016-01-06 18:10:57 UTC

*** Bug 1269126 has been marked as a duplicate of this bug. ***

Comment 8 David Kaspar // Dee'Kej 2016-01-12 17:59:52 UTC

*** Bug 1297828 has been marked as a duplicate of this bug. ***

Comment 9 David Kaspar // Dee'Kej 2016-01-12 18:07:33 UTC

I'm reposting some info so it should be visible by everybody now:
-------------
There are actually 2 problems here:
1) The Segmentation fault is caused by the problem in lcms2 building process for ppc64le. It is more described in bug 1250914.
 
2) The 'ghostscript' itself (of version 9.07) does not expect the problem
with endianess to happen, so it does not check for the errors in the gsicc_*
functions.

The 2) was fixed in version 9.08, with this commit: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b1d518660381c8cec7f603ef05eea85e1d683817

Comment 10 David Kaspar // Dee'Kej 2016-05-11 11:25:50 UTC

*** Bug 1317949 has been marked as a duplicate of this bug. ***

Comment 11 David Kaspar // Dee'Kej 2016-05-11 13:22:06 UTC

*** Bug 1334445 has been marked as a duplicate of this bug. ***

Comment 17 errata-xmlrpc 2016-11-04 08:28:22 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2550.html

Note You need to log in before you can comment on or make changes to this bug.