update epstopdf to the version in TL (v2.15)
---
 texmf-dist/doc/latex/epstopdf/README    |   10 -
 texmf-dist/scripts/epstopdf/epstopdf.pl |  241 +++++++++++++++++---------------
 texmf/doc/man/man1/epstopdf.1           |   46 +++---
 3 files changed, 161 insertions(+), 136 deletions(-)

Index: texlive-extra-2009/texmf-dist/doc/latex/epstopdf/README
===================================================================
--- texlive-extra-2009.orig/texmf-dist/doc/latex/epstopdf/README	2009-10-04 00:11:07.000000000 +0900
+++ texlive-extra-2009/texmf-dist/doc/latex/epstopdf/README	2010-03-29 00:24:04.000000000 +0900
@@ -1,4 +1,4 @@
-$Id: README 15532 2009-09-28 15:55:43Z karl $
+$Id: README 15641 2009-10-04 16:42:16Z karl $
 This file is public domain.  (Originally written by Karl Berry, 2009.)
 
 This is the README for the epstopdf script distribution.
@@ -10,15 +10,15 @@
 
 Mailing list for bugs and discussion: http://lists.tug.org/tex-k
 When reporting bugs, please include an input file and command line
-options so the problem can be reproduced.
+options, so the problem can be reproduced.
 
 -------------------------------------------------------------------------
-The test-binary file was supplied by Akira Kakuto.  It contains binary
-data.  It is public domain.
+The test-binary and test-bin2 files were supplied by Akira Kakuto and
+Reinhard Kotucha.  They contain binary data.  They are public domain.
 
 The test-binhdr* files were supplied by Martin von Gagern, constructed
 as follows.  They contain binary junk before the EPS starts.  We also
-use this to test different line endings.  These files are public domain.
+use these to test different line endings.  These files are public domain.
 
 { echo -e '%Some\000binary\001comment'; dot -Tps <<< 'digraph{a->b}'; }
   > test-binhdr-lf.eps
Index: texlive-extra-2009/texmf-dist/scripts/epstopdf/epstopdf.pl
===================================================================
--- texlive-extra-2009.orig/texmf-dist/scripts/epstopdf/epstopdf.pl	2009-10-20 08:15:30.000000000 +0900
+++ texlive-extra-2009/texmf-dist/scripts/epstopdf/epstopdf.pl	2010-03-29 00:24:17.000000000 +0900
@@ -2,7 +2,7 @@
   if 0;
 use strict;
 
-# $Id: epstopdf.pl 15843 2009-10-19 23:14:41Z karl $
+# $Id: epstopdf.pl 17496 2010-03-18 17:57:31Z karl $
 # (Copyright lines below.)
 #
 # Redistribution and use in source and binary forms, with or without
@@ -39,20 +39,37 @@
 #   c) the result is piped to Ghostscript and a PDF version written.
 #
 # It needs a Level 2 PS interpreter.
-# If the bounding box is not right, of course, there will be problems.
+# If the input bounding box is not right, of course there will be problems.
 #
-# One thing not allowed for is the case of
+# One thing not allowed for: the case of
 # "%%BoundingBox: (atend)" when input is not seekable (e.g., from a pipe),
-# which is more complicated.
 #
 # emacs-page
 # History
-#  2009/10/18 v2.13 (Manuel P\'egouri\'e-Gonnard)
-#    * Better argument validation, from Alexander Cherepanov.
-#    * Use the list form of pipe open() (resp. system()) to prevent injection.
+#  2010/03/19 v2.15 (Karl Berry)
+#    * let --outfile override --filter again.
+#    * recognize MSWin64 as well as MSWin32, just in case.
+#  2010/03/08 v2.14 (Manuel P\'egouri\'e-Gonnard)
+#    * In restricted mode, forbid --gscmd (all platforms) and call GS with full
+#    path relative to self location (Windows).
+#  2010/02/26 v2.13 (Karl Berry)
+#    * New release.
+#  2010/02/23       (Manuel P\'egouri\'e-Gonnard)
+#    * Use kpsewhich for filename validation in restricted mode, both input and
+#    output. Requires kpathsea 5.1.0 (TL2010), rejects the name with earlier
+#    versions of kpsewhich.
+#    * Call external programs with full path on win32 in order to avoid obvious
+#    attacks with rogue versions of these programs in the current directory.
+#  2009/11/27 v2.12 (Karl Berry)
+#    * Make --filter work again
+#  2009/11/25       (Manuel P\'egouri\'e-Gonnard)
+#    * Better extension detection, suggested by A. Cherepanov.
+#  2009/10/18       (Manuel P\'egouri\'e-Gonnard)
+#    * Better argument validation (Alexander Cherepanov).
+#    * Use list form of pipe open() (resp. system()) to prevent injection.
 #    Since Perl's fork() emulation doesn't work on Windows with Perl 5.8.8 from
 #    TeX Live 2009, use a temporary file instead of a pipe on Windows.
-#  2009/10/14 v2.12 (Manuel P\'egouri\'e-Gonnard)
+#  2009/10/14       (Manuel P\'egouri\'e-Gonnard)
 #    * Added restricted mode.
 #  2009/09/27 v2.11 (Karl Berry)
 #    * Fixed two bugs in the (atend) handling code (Martin von Gagern)
@@ -129,37 +146,39 @@
 
 ### program identification
 my $program = "epstopdf";
-my $ident = '($Id: epstopdf.pl 15843 2009-10-19 23:14:41Z karl $) 2.11';
+my $ident = '($Id: epstopdf.pl 17496 2010-03-18 17:57:31Z karl $) 2.15';
 my $copyright = <<END_COPYRIGHT ;
-Copyright 1998-2001 Sebastian Rahtz et al.
+Copyright 2009-2010 Karl Berry et al.
 Copyright 2002-2009 Gerben Wierda et al.
-Copyright 2009 Karl Berry et al.
+Copyright 1998-2001 Sebastian Rahtz et al.
 License RBSD: Revised BSD <http://www.xfree86.org/3.3.6/COPYRIGHT2.html#5>
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.
 END_COPYRIGHT
 my $title = "$program $ident\n";
 
+my $on_windows = $^O =~ /^MSWin/;
+my $on_windows_or_cygwin = $on_windows || $^O eq "cygwin";
+
 ### ghostscript command name
-my $GS = "gs";
-$GS = "gswin32c" if $^O eq 'MSWin32';
+my $GS = $on_windows ? "gswin32c" : "gs";
 
 ### restricted mode
 my $restricted = 0;
 $restricted = 1 if $0 =~ /repstopdf/;
 
 ### options
-$::opt_outfile="";
-$::opt_compress=1;
-$::opt_debug=0;
-$::opt_embed=1;
-$::opt_exact=0;
-$::opt_filter=0;
-$::opt_gs=1;
-$::opt_hires=0;
-$::opt_gscmd="";
-$::opt_res=0;
-$::opt_autorotate="None";
+$::opt_autorotate = "None";
+$::opt_compress = 1;
+$::opt_debug = 0;
+$::opt_embed = 1;
+$::opt_exact = 0;
+$::opt_filter = 0;
+$::opt_gs = 1;
+$::opt_gscmd = "";
+$::opt_hires = 0;
+$::opt_outfile = "";
+$::opt_res = 0;
 
 ### usage
 my @bool = ("false", "true");
@@ -189,7 +208,7 @@
                       For EPS files, PageByPage is equivalent to All
   --restricted       use restricted mode   (default: $bool[$restricted])
 
-Examples for producing 'test.pdf':
+Examples producing test.pdf:
   * $program test.eps
   * produce postscript | $program --filter >test.pdf
   * produce postscript | $program -f -d -o=test.pdf
@@ -207,40 +226,57 @@
 ### process options
 use Getopt::Long;
 GetOptions (
-  "help",
-  "version",
-  "outfile=s", 		# \ref{openout_any}
+  "autorotate=s",	# \ref{val_autorotate}
   "compress!",
   "debug!",
   "embed!",
   "exact!",
   "filter!",
   "gs!",
-  "hires!",
   "gscmd=s", 		# \ref{val_gscmd}
-  "res=i",		# validated by Getopt ('i' specifier)
-  "autorotate=s",	# \ref{val_autorotate}
+  "help",
+  "hires!",
+  "outfile=s", 		# \ref{openout_any}
+  "res=i",		# validated by getopt ('i' specifier)
   "restricted",
+  "version",
 ) or die $usage;
 
 ### help functions
-sub debug {
-  print STDERR "* @_\n" if $::opt_debug;
-}
-sub warning {
-  print STDERR "==> Warning: @_\n";
-}
-sub error {
-  die "$title!!! Error: @_\n";
-}
-sub errorUsage {
-  die "$usage\n!!! Error: @_\n";
-}
+sub debug      { print STDERR "* @_\n" if $::opt_debug; }
+sub warning    { print STDERR "==> Warning: @_\n"; }
+sub error      { die "$title!!! Error: @_\n"; }
+sub errorUsage { die "Error: @_ (try --help for more information)\n"; }
 
 ### restricted option
 $restricted = 1 if $::opt_restricted;
 debug "Restricted mode activated" if $restricted;
 
+### safer external commands for Windows in restricted mode
+my $kpsewhich = 'kpsewhich';
+if ($restricted && $on_windows) {
+  use File::Basename;
+  my $mydirname = dirname $0;
+  # $mydirname is the location of the Perl script
+  $kpsewhich = "$mydirname/../../../bin/win32/$kpsewhich";
+  $GS = "$mydirname/../../../tlpkg/tlgs/bin/$GS";
+}
+debug "kpsewhich command: $kpsewhich";
+
+### check if a name is "safe" according to kpse's open(in|out)_any
+# return true if name is ok, false otherwise
+sub safe_name
+{
+  my ($mode, $name) = @_;
+  my $option = "";
+  $option = '-safe-in-name'  if $mode eq 'in';
+  $option = '-safe-out-name' if $mode eq 'out';
+  error "Unknown check mode in safe_name(): $mode" unless $option;
+  my @args = ($kpsewhich, '-progname', 'repstopdf', $option, $name);
+  my $bad = system {$args[0]} @args;
+  return ! $bad;
+}
+
 ### help, version options.
 if ($::opt_help) {
   print $usage;
@@ -253,31 +289,28 @@
   exit (0);
 }
 
-### get input filename
+### get input filename (\ref{openin_any} for validation)
 my $InputFilename = "";
 if ($::opt_filter) {
   @ARGV == 0 or
-    die errorUsage "Input file cannot be used with filter option";
-  $InputFilename = "-";
-  debug "Input file: standard input";
-}
-else {
-  @ARGV > 0 or die errorUsage "Input filename missing";
-  @ARGV < 2 or die errorUsage "Unknown option or too many input files";
+    errorUsage "Input file cannot be used with filter option";
+  debug "Filtering: will read standard input";
+} else {
+  @ARGV > 0 or errorUsage "Input filename missing";
+  @ARGV < 2 or errorUsage "Unknown option or too many input files";
   $InputFilename = $ARGV[0];
   #-r $InputFilename or error "\"$InputFilename\" not readable";
   debug "Input filename:", $InputFilename;
 }
 
+### emacs-page
 ### option gscmd
 if ($::opt_gscmd) {
-  debug "Switching from $GS to $::opt_gscmd";
-  $GS = $::opt_gscmd;
-  # validate GS \label{val_gscmd}
-  if ($restricted) {
-    $GS =~ /^(gs|mgs|gswin32c|gs386|gsos2)\z/
-      or $GS =~ /^gs[\-_]?(\d|\d[\.-_]?\d\d)c?\z/
-      or die error "Value of gscmd '$GS' not allowed in restricted mode.";
+  if ($restricted) { # \label{val_gscmd}
+    error "Option forbidden in restricted mode: --gscmd";
+  } else {
+    debug "Switching from $GS to $::opt_gscmd";
+    $GS = $::opt_gscmd;
   }
 }
 
@@ -285,6 +318,28 @@
 my @GS = ($GS);
 push @GS, qw(-q -dNOPAUSE -dSAFER -sDEVICE=pdfwrite);
 
+### option outfile
+my $OutputFilename = $::opt_outfile;
+if (! $OutputFilename) {
+  if ($::opt_gs) {
+    if ($::opt_filter) {
+      debug "Filtering: will write standard output";
+      $OutputFilename = "-";
+    } else {
+      # Ghostscript, no filter: replace input extension with .pdf.
+      $OutputFilename = $InputFilename;
+      my $ds = $on_windows_or_cygwin ? '\\/' : '/';
+      $OutputFilename =~ s/\.[^\.$ds]*$//;
+      $OutputFilename .= ".pdf";
+    }
+  } else {
+    debug "No Ghostscript: will write standard output";
+    $OutputFilename = "-"; # no ghostscript, write to standard output
+  }
+}
+debug "Output filename:", $OutputFilename;
+push @GS, "-sOutputFile=$OutputFilename";
+
 ### options compress, embed, res, autorotate
 push @GS, ('-dPDFSETTINGS=/prepress', '-dMaxSubsetPct=100',
   '-dSubsetFonts=true', '-dEmbedAllFonts=true') if $::opt_embed;
@@ -297,7 +352,7 @@
 error "Invalid value for autorotate: '$::opt_autorotate' "
   . "(use 'All', 'None' or 'PageByPage')."
   if ($::opt_autorotate and
-    not $::opt_autorotate =~ /^(None|All|PageByPage)\z/);
+    not $::opt_autorotate =~ /^(None|All|PageByPage)$/);
 
 ### option BoundingBox types
 my $BBName = "%%BoundingBox:";
@@ -307,53 +362,15 @@
 $BBName = "%%ExactBoundingBox:" if $::opt_exact;
 debug "BoundingBox comment:", $BBName;
 
-### option outfile
-my $OutputFilename = $::opt_outfile;
-if ($OutputFilename eq "") {
-  if ($::opt_gs) {
-    $OutputFilename = $InputFilename;
-    if (!$::opt_filter) {
-      $OutputFilename =~ s/\.[^\.]*$//;
-      $OutputFilename .= ".pdf";
-    }
-  }
-  else {
-    $OutputFilename = "-"; # standard output
-  }
-}
-if ($::opt_filter) {
-  debug "Output file: standard output";
+### validate input file name in restricted mode \label{openin_any}
+if ($restricted and not $::opt_filter
+    and not safe_name('in', $InputFilename)) {
+  error "Input filename '$InputFilename' not allowed in restricted mode.";
 }
-else {
-  debug "Output filename:", $OutputFilename;
-}
-push @GS, "-sOutputFile=$OutputFilename";
 
 ### validate output file name in restricted mode \label{openout_any}
-use File::Spec::Functions qw(splitpath file_name_is_absolute);
-if ($restricted) {
-  # use the equivalent of openout_any = p
-  # (see opennameok() web2c/lib/texmfmp.c)
-  # Well, for now, be even more paranoid: don't allow absolute path at all
-  my $ok = 1;
-  # disallow opening dot-files on Unix
-  unless ($^O eq "MSWin32") {
-    my ($drive, $path, $basename) = splitpath($OutputFilename);
-    $ok = 0 if $basename =~ /^\./;
-  }
-  # disallow absolute path
-  $ok = 0 if file_name_is_absolute($OutputFilename);
-  # disallow colon on Windows. It could be used either after a drive
-  # (like "a:dir\file") or for an alternate data stream (like
-  # "file:ads").
-  if ($^O eq "MSWin32" || $^O eq "cygwin") {
-    $ok = 0 if $OutputFilename =~ /:/;
-  }
-  # disallow going to parent directory
-  my $ds = ($^O eq "MSWin32" || $^O eq "cygwin") ? qr([\\/]) : qr(/);
-  $ok = 0 if $OutputFilename =~ /^\.\.$ds|$ds\.\.$ds/;
-  # we passed all tests
-  die error "Output filename '$OutputFilename' not allowed in restricted mode." unless $ok;
+if ($restricted and not safe_name('out', $OutputFilename)) {
+  error "Output filename '$OutputFilename' not allowed in restricted mode.";
 }
 
 ### option gs
@@ -367,8 +384,11 @@
 
 ### emacs-page
 ### open input file
-open(IN, '<', $InputFilename) or error "Cannot open",
-  ($::opt_filter) ? "standard input" : "\"$InputFilename\": $!";
+if ($::opt_filter) {
+  open(IN, '<-') || error("Cannot open stdin: $!");
+} else {
+  open(IN, '<', $InputFilename) || error("Cannot open $InputFilename: $!");
+}
 binmode IN;
 
 ### open output file
@@ -377,12 +397,11 @@
 my $OUT; # filehandle for output (GS pipe or temporary file)
 use File::Temp 'tempfile';
 if ($::opt_gs) {
-  unless ($^O eq 'MSWin32' || $^O eq 'cygwin') { # list piped open works
-    push @GS, qw(- -c -quit);
+  if (! $on_windows_or_cygwin) { # list piped open works
+    push @GS, qw(- -c quit);
     debug "Ghostscript pipe:", join(' ', @GS);
     open($OUT, '|-', @GS) or error "Cannot open Ghostscript for piped input";
-  }
-  else { # use a temporary file
+  } else { # use a temporary file on Windows/Cygwin.
     ($OUT, $tmp_filename) = tempfile(UNLINK => 1);
     debug "Using temporary file '$tmp_filename'";
   }
@@ -579,4 +598,6 @@
 }
 
 warning "BoundingBox not found" unless $BBCorrected;
-debug "Ready.";
+debug "Done.";
+
+# vim: ts=8 sw=2 expandtab:
Index: texlive-extra-2009/texmf/doc/man/man1/epstopdf.1
===================================================================
--- texlive-extra-2009.orig/texmf/doc/man/man1/epstopdf.1	2009-10-15 08:39:50.000000000 +0900
+++ texlive-extra-2009/texmf/doc/man/man1/epstopdf.1	2010-03-29 00:24:37.000000000 +0900
@@ -1,6 +1,5 @@
-.TH EPSTOPDF 1 "15 October 2009"
-.\" $Id: epstopdf.1 15532 2009-09-28 15:55:43Z karl $
-.\" man page originally by Jim Van Zandt
+.TH EPSTOPDF 1 "18 March 2010"
+.\" $Id: epstopdf.1 17496 2010-03-18 17:57:31Z karl $
 .SH NAME
 epstopdf, repstopdf \- convert an EPS file to PDF
 .SH SYNOPSIS
@@ -16,9 +15,10 @@
 If the bounding box is not right, of course, there are problems.
 .SH OPTIONS
 .IP "\fB--outfile\fP=\fIfile\fP"
-write result to \fIfile\fP; the default is to construct the output file
-name by replacing any extension in the input file with \fI.pdf\fP.  If
-\fB--nogs\fP or \fB--filter\fP is specified, write to standard output.
+write result to \fIfile\fP.  If this option is not given, and
+\fB--nogs\fP or \fB--filter\fP is specified, write to standard output;
+otherwise, the default is to construct the output file name by replacing
+any extension in the input file with \fI.pdf\fP.
 .IP "\fB--\fP[\fBno\fP]\fBcompress\fP"
 use compression (default: on).
 .IP "\fB--\fP[\fBno\fP]\fBdebug\fP"
@@ -28,9 +28,10 @@
 .IP "\fB--\fP[\fBno\fP]\fBexact\fP"
 scan ExactBoundingBox (default: off).
 .IP "\fB--\fP[\fBno\fP]\fBfilter\fP"
-read standard input (default: off).
+read standard input and (unless \fB--outfile\fP is given) write standard
+output(default: off).
 .IP "\fB--\fP[\fBno\fP]\fBgs\fP"
-run ghostscript (default: on).
+run Ghostscript (default: on).
 .IP "\fB--\fP[\fBno\fP]\fBhires\fP"
 scan HiresBoundingBox (default: off).
 .IP "\fB--gscmd\fP=\fIval\fP"
@@ -41,42 +42,45 @@
 set AutoRotatePages (default: None); recognized \fIval\fP choices:
 None, All, PageByPage.  For EPS files, PageByPage is equivalent to All.
 .IP "\fB--restricted\fP=\fIval\fP"
-turn on restricted mode (default: [on for resptopdf, else off]);
-this restricts the values accepted by \fB--gscmd\fP and impose restrictions
-on the output file name similar to web2c's openout_any=p.
+turn on restricted mode (default: [on for repstopdf, else off]);
+this forbids the use of \fB--gscmd\fP and imposes restrictions on the input and
+output file names according to the values of openin_any and openout_any (see
+the Web2c manual, http://tug.org/web2c).
 .IP "\fB--help\fP
 display help message and exit
 .IP "\fB--version\fP
 display version information and exit
 .SH EXAMPLES
-Examples for producing "test.pdf":
+Examples which produce "test.pdf":
 .nf
 epstopdf test.eps
 produce postscript | epstopdf --filter >test.pdf
 produce postscript | epstopdf -f -d -o=test.pdf
-
 .fi
 Example: look for HiresBoundingBox and produce corrected PostScript:
 .nf
 epstopdf -d --nogs --hires test.ps >testcorr.ps 
 .fi
 .SH BUGS
-The case of "%%BoundingBox: (atend)"
-when input is not seekable (e.g., from a pipe) is not supported.
+The case of "%%BoundingBox: (atend)" when input is not seekable (e.g.,
+from a pipe) is not supported.
 .PP
-When reporting bugs, please include an input file and command line
-options so the problem can be reproduced.  Report bugs in
-the program or this man page to tex-k@tug.org.
+Report bugs in the program or this man page to tex-k@tug.org.  When
+reporting bugs, please include an input file and the command line
+options specified, so the problem can be reproduced.
 .SH SEE ALSO
 \fBgs\fP(1),
 \fBpdfcrop\fP(1).
+.PP
+The epstopdf LaTeX package, part of the oberdiek bundle, which automates
+running this script on the fly under TeX: http://ctan.org/pkg/epstopdf-pkg.
 .SH AUTHOR
 The script was originally written by Sebastian Rahtz, for Elsevier
-Science, with subsequent contributions from Gerben Wierda and many
-others.  Currently maintained by Karl Berry.
+Science, with subsequent contributions from Thomas Esser, Gerben Wierda
+and many others.  Currently maintained by Karl Berry.
 .PP
 Man page originally written by Jim Van Zandt.
 .PP
-epstopdf home page: http://tug.org/epstopdf/
+epstopdf home page: http://tug.org/epstopdf.
 .PP
 You may freely use, modify and/or distribute this file.
