Bug 480775 - Ghostscript ps2pdf gives "buffer overflow detected"
Status: CLOSED DUPLICATE of bug 495916
Product: Fedora
Classification: Fedora
Component: ghostscript
Version: 10
Hardware: All Linux
Priority: low, Severity: medium
Assigned To: Tim Waugh
QA Contact: Fedora Extras Quality Assurance
Blocks: CVE-2008-6679
 
Reported: 2009-01-20 09:03 EST by Jeremy Sanders
Modified: 2009-04-15 12:09 EDT
Doc Type: Bug Fix
Last Closed: 2009-04-15 12:09:15 EDT

Attachments
Postscript file to demonstrate crash (31.95 KB, application/x-compressed)
2009-01-20 09:03 EST, Jeremy Sanders

Description Jeremy Sanders 2009-01-20 09:03:51 EST
Created attachment 329463
Postscript file to demonstrate crash

Description of problem:

Converting some PS figures to PDF gives:

$ ps2pdf Comparing_revmap_kband_figure.eps                              
** buffer overflow detected ***: gs terminated                                   
======= Backtrace: =========                                                      
/lib64/libc.so.6(__fortify_fail+0x37)[0x340c0ff4c7]                               
/lib64/libc.so.6[0x340c0fd370]                                                    
/lib64/libc.so.6[0x340c0fc6f9]                                                    
/lib64/libc.so.6(_IO_default_xsputn+0x96)[0x340c076636]                           
/lib64/libc.so.6(_IO_vfprintf+0x1c1c)[0x340c04747c]                               
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x340c0fc79d]                               
/lib64/libc.so.6(__sprintf_chk+0x80)[0x340c0fc6e0]                                
/usr/lib64/libgs.so.8(pdf_base_font_alloc+0x318)[0x363427f9b8]                    
/usr/lib64/libgs.so.8(pdf_font_descriptor_alloc+0x53)[0x3634281e73]               
/usr/lib64/libgs.so.8[0x363428cec4]                                               
/usr/lib64/libgs.so.8[0x363428db26]                                               
/usr/lib64/libgs.so.8(pdf_obtain_font_resource+0xdc)[0x363428e38c]                
/usr/lib64/libgs.so.8[0x363428454c]                                               
/usr/lib64/libgs.so.8(process_composite_text+0x3ce)[0x3634281a4e]                 
/usr/lib64/libgs.so.8[0x363428f2b4]                                               
/usr/lib64/libgs.so.8(op_show_continue_pop+0x24)[0x3634158fd4]                    
/usr/lib64/libgs.so.8[0x36341592a8]                                               
/usr/lib64/libgs.so.8[0x3634138213]                                               
/usr/lib64/libgs.so.8(gs_interpret+0x1ab)[0x36341398eb]                           
/usr/lib64/libgs.so.8(gs_main_run_string_end+0x4a)[0x363412e32a]                  
/usr/lib64/libgs.so.8[0x363412f470]                                               
/usr/lib64/libgs.so.8[0x363412fc17]                                               
/usr/lib64/libgs.so.8(gs_main_init_with_args+0x403)[0x3634131613]                 
gs(main+0x9d)[0x400a3d]                                                           
/lib64/libc.so.6(__libc_start_main+0xe6)[0x340c01e576]                            
gs[0x4008d9]                                                                      


Version-Release number of selected component (if applicable):
ghostscript-8.63-4.fc10.x86_64

How reproducible:
Every time


Steps to Reproduce:
1. Run "ps2pdf Comparing_revmap_kband_figure.eps"
  
Actual results:
Crash

Expected results:
PDF file created


Additional info:
Comment 1 Jeremy Sanders 2009-01-20 09:09:30 EST
Apologies, I've just found that ghostscript has this in their bug database and it appears as if it is patched:
* http://bugs.ghostscript.com/show_bug.cgi?id=690211
* http://svn.ghostscript.com/viewvc?view=rev&sortby=rev&revision=9304
Comment 2 Tim Waugh 2009-04-15 12:09:15 EDT

*** This bug has been marked as a duplicate of bug 495916 ***
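
Added example, not part of the original report or of Ghostscript: a small triage helper that reads a glibc "buffer overflow detected" backtrace like the one in the description, finds the fortified libc call (`__*_chk`) that aborted, and names the frame that called it. The function names `parse_frames` and `triage_fortify_abort` are assumptions of this example; the sample frames are copied (abridged) from the backtrace above.

```python
import re

# Frames copied from the backtrace in this report (innermost first, abridged).
BACKTRACE = """\
/lib64/libc.so.6(__fortify_fail+0x37)[0x340c0ff4c7]
/lib64/libc.so.6[0x340c0fd370]
/lib64/libc.so.6(_IO_vfprintf+0x1c1c)[0x340c04747c]
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x340c0fc79d]
/lib64/libc.so.6(__sprintf_chk+0x80)[0x340c0fc6e0]
/usr/lib64/libgs.so.8(pdf_base_font_alloc+0x318)[0x363427f9b8]
/usr/lib64/libgs.so.8(pdf_font_descriptor_alloc+0x53)[0x3634281e73]
/usr/lib64/libgs.so.8[0x363428cec4]
gs(main+0x9d)[0x400a3d]
"""

# One glibc backtrace line: module, optional "(symbol+offset)", then "[address]".
FRAME_RE = re.compile(
    r"^(?P<module>[^\s(\[]+)"
    r"(?:\((?P<symbol>[^+)]+)\+(?P<offset>0x[0-9a-fA-F]+)\))?"
    r"\[(?P<addr>0x[0-9a-fA-F]+)\]$"
)
CHK_RE = re.compile(r"__\w+_chk")


def parse_frames(text):
    """Return one dict per frame line; banner and blank lines are skipped."""
    frames = []
    for line in text.splitlines():
        match = FRAME_RE.match(line.strip())
        if match:
            frames.append(match.groupdict())
    return frames


def triage_fortify_abort(text):
    """Name the fortified call that aborted and the frame that invoked it."""
    frames = parse_frames(text)
    # Frames run innermost first, so the last *_chk frame is the call the
    # program itself made; inner ones are libc calling its own helpers.
    chk = [i for i, f in enumerate(frames)
           if f["symbol"] and CHK_RE.fullmatch(f["symbol"])]
    if not chk or chk[-1] + 1 >= len(frames):
        return None  # not a _FORTIFY_SOURCE abort, or caller frame missing
    call, caller = frames[chk[-1]], frames[chk[-1] + 1]
    return {
        "checked_call": call["symbol"][2:-4],   # "__sprintf_chk" -> "sprintf"
        "caller_module": caller["module"],
        "caller_symbol": caller["symbol"],      # None when symbols are stripped
        "caller_offset": caller["offset"],
        "caller_addr": caller["addr"],
    }
```

On the frames above this reports a checked `sprintf` called from `pdf_base_font_alloc+0x318` in `/usr/lib64/libgs.so.8`, which is where to look for the destination buffer that the fortify check found too small.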
