Attachment "771613.patch" to
ticket [771613ffff]
added by
dgp
2003-07-16 04:00:20.
Index: ChangeLog
===================================================================
RCS file: /cvsroot/tcl/tcl/ChangeLog,v
retrieving revision 1.1453.2.95
diff -u -r1.1453.2.95 ChangeLog
--- ChangeLog 15 Jul 2003 15:44:51 -0000 1.1453.2.95
+++ ChangeLog 15 Jul 2003 20:50:50 -0000
@@ -1,3 +1,8 @@
+2003-07-15 Don Porter <[email protected]>
+
+ * generic/tclCompCmds.c (TclCompileIfCmd): Prior fix of Bug 711371
+ on 2003-04-07 introduced a buffer overflow. Corrected. [Bug 771613]
+
2003-07-15 Donal K. Fellows <[email protected]>
* generic/tclCmdIL.c (SortCompare): Cleared up confusing error
Index: generic/tclCompCmds.c
===================================================================
RCS file: /cvsroot/tcl/tcl/generic/tclCompCmds.c,v
retrieving revision 1.39.2.1
diff -u -r1.39.2.1 tclCompCmds.c
--- generic/tclCompCmds.c 7 Apr 2003 20:03:05 -0000 1.39.2.1
+++ generic/tclCompCmds.c 15 Jul 2003 20:50:51 -0000
@@ -1197,7 +1197,7 @@
if (wordIdx >= numWords) {
sprintf(buffer,
"wrong # args: no expression after \"%.*s\" argument",
- numBytes, word);
+ (numBytes > 50 ? 50 : numBytes), word);
Tcl_ResetResult(interp);
Tcl_AppendToObj(Tcl_GetObjResult(interp), buffer, -1);
code = TCL_ERROR;
@@ -1259,7 +1259,10 @@
tokenPtr = testTokenPtr + (testTokenPtr->numComponents + 1);
wordIdx++;
if (wordIdx >= numWords) {
- sprintf(buffer, "wrong # args: no script following \"%.*s\" argument", testTokenPtr->size, testTokenPtr->start);
+ sprintf(buffer,
+ "wrong # args: no script following \"%.*s\" argument",
+ (testTokenPtr->size > 50 ? 50 : testTokenPtr->size),
+ testTokenPtr->start);
Tcl_ResetResult(interp);
Tcl_AppendToObj(Tcl_GetObjResult(interp), buffer, -1);
code = TCL_ERROR;
