[pkgsrc/trunk]: pkgsrc/print/ghostscript-gpl Apply fix for CVE-2016-7977,

[he <he%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/982234f0d781
branches:  trunk
changeset: 371504:982234f0d781
user:      he <he%pkgsrc.org@localhost>
date:      Mon Nov 13 16:52:51 2017 +0000

description:
Apply fix for CVE-2016-7977,
fixing bug 697169, from
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70

Revert fix for CVE-2017-8291, it has build issues :(
Apparently our base ghostscript-gpl is too old for the fix.

Bump PKGREVISION.

diffstat:

 print/ghostscript-gpl/Makefile                  |   4 +-
 print/ghostscript-gpl/distinfo                  |   4 +-
 print/ghostscript-gpl/patches/patch-psi_zfrsd.c |  55 -------------------------
 3 files changed, 4 insertions(+), 59 deletions(-)

diffs (88 lines):

diff -r 25c59294808d -r 982234f0d781 print/ghostscript-gpl/Makefile
--- a/print/ghostscript-gpl/Makefile    Mon Nov 13 16:42:17 2017 +0000
+++ b/print/ghostscript-gpl/Makefile    Mon Nov 13 16:52:51 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.35 2017/11/13 16:41:48 he Exp $
+# $NetBSD: Makefile,v 1.36 2017/11/13 16:52:51 he Exp $
 
 DISTNAME=      ghostscript-${GS_VERSION}
 PKGNAME=       ${DISTNAME:S/ghostscript/ghostscript-gpl/}
-PKGREVISION=   18
+PKGREVISION=   19
 CATEGORIES=    print
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=ghostscript/}
 MASTER_SITES+= https://ghostscript.com/releases/
diff -r 25c59294808d -r 982234f0d781 print/ghostscript-gpl/distinfo
--- a/print/ghostscript-gpl/distinfo    Mon Nov 13 16:42:17 2017 +0000
+++ b/print/ghostscript-gpl/distinfo    Mon Nov 13 16:52:51 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.21 2017/11/13 16:41:48 he Exp $
+$NetBSD: distinfo,v 1.22 2017/11/13 16:52:51 he Exp $
 
 SHA1 (ghostscript-9.06.tar.bz2) = 4c1c2b4cddd16d86b21f36ad4fc15f6100162238
 RMD160 (ghostscript-9.06.tar.bz2) = 11ef74cf783ec5f7cde0ceaaf2823a1f62fb4d1d
@@ -30,4 +30,4 @@
 SHA1 (patch-base_memento.c) = d30cfb9285a0268e743c90cdf831674eaa24789b
 SHA1 (patch-cups_colord.h) = ab5c4bfa7184d2c1756697b87e7046645bdc2bc2
 SHA1 (patch-openjpeg_libopenjpeg_opj_malloc_h) = 24f15c55cd7961afc1254f6c4bccd6d0c2a5e737
-SHA1 (patch-psi_zfrsd.c) = fe46c6fe763b56779fdd66404324eb92971890a6
+SHA1 (patch-psi_zfile.c) = 24626fed9b161a77d9ab43233bad4c8391120b16
diff -r 25c59294808d -r 982234f0d781 print/ghostscript-gpl/patches/patch-psi_zfrsd.c
--- a/print/ghostscript-gpl/patches/patch-psi_zfrsd.c   Mon Nov 13 16:42:17 2017 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-$NetBSD: patch-psi_zfrsd.c,v 1.1 2017/11/13 15:10:05 he Exp $
-
-Fix for CVE-2017-8291 from
-https://git.ghostscript.com/?p=ghostpdl.git;a=blobdiff_plain;f=psi/zfrsd.c;h=950588d696b682448ec3216fb3ea397999bb50a5;hp=191107d8ae0b3becea2c7318e3ed538b0d18d470;hb=04b37bbce174eed24edec7ad5b920eb93db4d47d;hpb=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
-
-Original commit message:
-Bug 697799: have .rsdparams check its parameters
-
-The Ghostscript internal operator .rsdparams wasn't checking the number or
-type of the operands it was being passed. Do so.
-
---- psi/zfrsd.c.orig   2012-08-08 08:01:36.000000000 +0000
-+++ psi/zfrsd.c
-@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p)
-     ref *pFilter;
-     ref *pDecodeParms;
-     int Intent = 0;
--    bool AsyncRead;
-+    bool AsyncRead = false;
-     ref empty_array, filter1_array, parms1_array;
-     uint i;
--    int code;
-+    int code = 0;
-+
-+    if (ref_stack_count(&o_stack) < 1)
-+        return_error(gs_error_stackunderflow);
-+    if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) {
-+        return_error(gs_error_typecheck);
-+    }
- 
-     make_empty_array(&empty_array, a_readonly);
--    if (dict_find_string(op, "Filter", &pFilter) > 0) {
-+    if (r_has_type(op, t_dictionary)
-+        && dict_find_string(op, "Filter", &pFilter) > 0) {
-         if (!r_is_array(pFilter)) {
-             if (!r_has_type(pFilter, t_name))
-                 return_error(e_typecheck);
-@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p)
-                 return_error(e_typecheck);
-         }
-     }
--    code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
-+    if (r_has_type(op, t_dictionary))
-+      code = dict_int_param(op, "Intent", 0, 3, 0, &Intent);
-     if (code < 0 && code != e_rangecheck) /* out-of-range int is ok, use 0 */
-         return code;
--    if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0
--        )
--        return code;
-+    if (r_has_type(op, t_dictionary))
-+      if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0)
-+          return code;
-     push(1);
-     op[-1] = *pFilter;
-     if (pDecodeParms)