1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
|
Description: CVE-2016-7978: reference leak in .setdevice allows use-after-free and remote code execution
Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;h=6f749c0c44e7b9e09737b9f29edf29925a34f0cf
Bug: http://bugs.ghostscript.com/show_bug.cgi?id=697179
Bug-Debian: https://bugs.debian.org/839845
Forwarded: not-needed
Author: Chris Liddell <chris.liddell@artifex.com>
Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2016-10-08
---
--- a/base/gsdevice.c
+++ b/base/gsdevice.c
@@ -540,6 +540,7 @@ gx_device_init(gx_device * dev, const gx
dev->memory = mem;
dev->retained = !internal;
rc_init(dev, mem, (internal ? 0 : 1));
+ rc_increment(dev->icc_struct);
}
/* Make a null device. */
|