app-text/ghostscript-gpl/files/ghostscript-9.53-Disallow-NOSAFER.patch - third_party/overlays/chromiumos-overlay - Git at Google

 From b37721b52923ac2c34186e953007930c36bc87ee Mon Sep 17 00:00:00 2001
 From: Sean Kau <skau@chromium.org>
 Date: Fri, 22 Jan 2021 15:02:27 -0800
 Subject: [PATCH 6/6] Disallow -dNOSAFER

 ChromiumOS only uses PPDs that run with -dSAFER.  Disallow the
 less safe option.
 ---
  psi/imainarg.c | 6 ++++++
  1 file changed, 6 insertions(+)

 diff --git a/psi/imainarg.c b/psi/imainarg.c
 index f5fe1f3e0..43834d647 100644
 --- a/psi/imainarg.c
 +++ b/psi/imainarg.c
 @@ -806,6 +806,12 @@ run_stdin:
                      return gs_error_Fatal;
                  eqp = strchr(adef, '=');

 +                if (strncmp(adef, "NOSAFER", 7) == 0) {
 +                    puts(minst->heap, "-dNOSAFER is not allowed");
 +                    arg_free((char *)adef, minst->heap);
 +                    return gs_error_Fatal;
 +                }
 +
                  if (eqp == NULL)
                      eqp = strchr(adef, '#');
                  /* Initialize the object memory, scanner, and */
 --
 2.31.0.208.g409f899ff0-goog
	From b37721b52923ac2c34186e953007930c36bc87ee Mon Sep 17 00:00:00 2001
	From: Sean Kau <skau@chromium.org>
	Date: Fri, 22 Jan 2021 15:02:27 -0800
	Subject: [PATCH 6/6] Disallow -dNOSAFER

	ChromiumOS only uses PPDs that run with -dSAFER. Disallow the
	less safe option.
	---
	psi/imainarg.c \| 6 ++++++
	1 file changed, 6 insertions(+)

	diff --git a/psi/imainarg.c b/psi/imainarg.c
	index f5fe1f3e0..43834d647 100644
	--- a/psi/imainarg.c
	+++ b/psi/imainarg.c
	@@ -806,6 +806,12 @@ run_stdin:
	return gs_error_Fatal;
	eqp = strchr(adef, '=');

	+ if (strncmp(adef, "NOSAFER", 7) == 0) {
	+ puts(minst->heap, "-dNOSAFER is not allowed");
	+ arg_free((char *)adef, minst->heap);
	+ return gs_error_Fatal;
	+ }
	+
	if (eqp == NULL)
	eqp = strchr(adef, '#');
	/* Initialize the object memory, scanner, and */
	--
	2.31.0.208.g409f899ff0-goog