Log of #ghostscript at irc.freenode.net.

Search:
 <<<Back 1 day (to 2017/02/13)20170214 
emendelson I don't suppose many customers care about them, so this isn't a priority. I know of exactly two users who might want this (they're history professor in Spain) and they're not paying customers. Still, I suppose the question has already come up.00:01.19 
ray_laptop acharles: sorry I was away. The commit you mention was: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef7004:29.10 
  and also http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b60d50b7567369ad856cebe1efb6cd7dd2284219 should be in 9.2004:29.51 
acharles ray_laptop: It seems like I have a eps file which can read /etc/passwd and list the contents of various system directories. I think the documentation says that SAFER should only be allowed to read files given on the command line and files in a special locations.06:10.32 
  Though, we can talk more tomorrow.06:10.40 
chrisl acharles: a quick test of master suggests SAFER is now working as I expect. But obviously, I don't know exactly what your file is doing. If you can post the file somewhere, I can try it.08:13.42 
acharles sure08:26.09 
  https://gist.github.com/ahmedcharles/5b6ea2340f33f08413d8dae5d391734008:28.54 
  chrisl: Thanks.08:29.00 
  Note: I didn’t write the postscript.08:29.50 
chrisl Just a pedantic point of order: that's not an eps file, it's a ps file08:30.42 
acharles Ah, the file I got had a eps extension, and GS doesn’t complain (I guess because it doesn’t care about extension)08:31.31 
chrisl eps files are single pages, with specific (DSC comment) structures, and some restrictions on what they should do (they shouldn't eject pages, make device level changes etc). Postscript (ps) files are just arbitrary PS08:36.13 
  Okay, I see there is a problem here - I've no idea how the file is managing it, though... will need to dig into it08:36.50 
acharles Do you get output for both the list of directories and the /etc/passwd file?08:38.04 
chrisl Yes08:38.09 
acharles Ok, then you’ve repro’d my experience. :)08:38.41 
  Thanks for taking a look08:39.04 
chrisl Part of the problem is that the file is using the ".libfile" and "findlibfile" operators08:39.52 
acharles I don’t even know what those do :)08:42.23 
chrisl They're non-standard, Ghostscript specific, that *really* should only be used in our internal code08:43.22 
  Anyway, I have a couple of things to finish up (and need more coffee), then I'll look at this properly08:43.46 
acharles That makes sense, though, in that case, SAFER should prevent them being used when loaded from a user file? Enjoy your coffee, I’ll be going asleep soon since I’m PST (like ray, apparently)08:44.56 
chrisl I'm leaning towards making those operators disappear after initialization - as I said, I'll have a proper look later today08:49.09 
kens I was about to suggest undefining them08:49.23 
acharles Works for me :P08:49.29 
chrisl I think one of the reasons I've not made .libfile and co. go away after initialization is because a load of the tools in lib use those operators :-(10:38.37 
kens Typical....10:38.52 
  Do they also use DELAYSAFER and .setsafe ?10:39.06 
chrisl I don't think so10:39.20 
  cd lib10:39.30 
  Grrr!10:39.37 
kens O.O10:39.42 
chrisl So, basically, it looks like HinTak just went through and added -dSAFER to the scripts in lib that didn't already have it10:41.35 
kens sigh....10:41.53 
chrisl And frankly, I'm not that keen on trawling through 113 files to work out whether each is a problem or not :-(10:44.15 
kens No, I was already thinking that10:46.21 
chrisl ROFL! font2c does -dSAFER and then does -dWRITESYSTEMDICT !!10:48.22 
kens Clear evidence of not reading the code when adding -dSAFER10:48.45 
chrisl TBH, I'm inclined to undefine .libfile etc, and fix any lib problems that arise when someone finds them10:59.36 
kens I'd say that's reasonable10:59.50 
  Or at least undefine .libfile is SAFER is true11:00.07 
  if*11:00.11 
chrisl Yes, that's what I mean.11:00.16 
  Of course, there is also the problem of finding every relevant procedure/operator.....11:00.36 
sebras tor8: do you mind taking a quick squiz at -nui:sebras/master to see if it looks reasonable? if so I'll push it to master.13:15.08 
tor8 sebras: mixed spaces and tabs in res/values/strings.xml13:16.46 
sebras yeah, just noticed that myself13:17.17 
tor8 sebras: otherwise, LGTM13:17.39 
  could you take a look at fred's changes and see if they work for you?13:17.53 
  I just checked them locally, and they seem fine to me13:18.06 
sebras tor8: ok, then I'll push my stuff and take a look at fred/master13:18.29 
tor8 I think the ContextCompat.getColor stuff can just as well be context.getResources().getColor() and not depend on the ContextCompat class13:20.51 
sebras tor8: perhaps, I can try changing that.13:31.09 
  I did notice that the crash when rotating in the emualtor is still there. I'm rebuilding everything to make sure I haven't messed up.13:31.39 
  the zooming inconsistencies appear to be largely fixed though.13:31.55 
  tor8: using getResources() as you proposed works fine, I've updated the commit.14:21.29 
  and touched up the commit messages.14:21.46 
  tor8: while I don't understand the maths in the commits I see fewer inconsistencies in the UI so I'll commit.14:22.14 
tor8 sebras: cool.14:22.37 
sebras tor8: I reproduced one more, but since my harddrives on my desktop are having problems I can't easily convert the video from my phone. that's have to wait.14:23.19 
  one more issue.14:23.23 
  fredross-perry: this means -nui:fred/master is now merged.14:24.21 
jogux sebras: I often just upload my bug videos as unlisted youtube videos straight from my phone, saves messing around on desktop etc.14:27.01 
sebras jogux: ah, good tip!15:03.55 
 Forward 1 day (to 2017/02/15)>>> 
ghostscript.com
Search: