openEuler:24.03:SP1:Everything
ghostscript
_service:tar_scm:fix-CVE-2024-33869.patch
File _service:tar_scm:fix-CVE-2024-33869.patch of Package ghostscript
From 5ae2e320d69a7d0973011796bd388cd5befa1a43 Mon Sep 17 00:00:00 2001 From: Ken Sharp <Ken.Sharp@artifex.com> Date: Tue, 26 Mar 2024 12:02:57 +0000 Subject: [PATCH] fix CVE-2024-33869 Part 1; when stripping a potential Current Working Dirctory specifier from a path, make certain it really is a CWD, and not simply large ebough to be a CWD. Reasons are in the bug thread, this is not (IMO) serious. This is part of the fix for CVE-2024-33869 --- base/gpmisc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/base/gpmisc.c b/base/gpmisc.c index f9a9230..f6b8870 100644 --- a/base/gpmisc.c +++ b/base/gpmisc.c @@ -1136,8 +1136,8 @@ gp_validate_path_len(const gs_memory_t *mem, memcpy(buffer + cdirstrl, dirsepstr, dirsepstrl); continue; } - else if (code < 0 && cdirstrl > 0 && prefix_len == 0 && buffer == bufferfull) { - buffer = bufferfull + cdirstrl + dirsepstrl; + else if (code < 0 && cdirstrl > 0 && prefix_len == 0 && buffer == bufferfull + && memcmp(buffer, cdirstr, cdirstrl) && !memcmp(buffer + cdirstrl, dirsepstr, dirsepstrl)) { continue; } break; -- 2.27.0
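Review bot: In the added condition of the gp_validate_path_len hunk, the first comparison, memcmp(buffer, cdirstr, cdirstrl), is not negated, so it is true only when the start of buffer differs from cdirstr. That is the opposite of the commit message's stated intent to "make certain it really is a CWD", while the second comparison against dirsepstr is negated as expected. The first test should read !memcmp(buffer, cdirstr, cdirstrl). Separately, the hunk deletes buffer = bufferfull + cdirstrl + dirsepstrl; without replacing it, so the branch now reaches continue with buffer still equal to bufferfull and the CWD prefix is never actually stripped. Either restore that assignment inside the branch or explain in the commit message why the retry no longer needs it, and confirm the retry cannot repeat on an unchanged path. It is also worth confirming, from the code outside this hunk, that buffer always holds at least cdirstrl + dirsepstrl bytes before the two memcmp calls run.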