* generic/tclCompCmds.c (TclCompileIfCmd): Prior fix of Bug 711371

      on 2003-04-07 introduced a buffer overflow.  Corrected.  [Bug 771613]

2 files changed, 11 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index 35fb20f..a1609f3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2003-07-15  Don Porter  <dgp@users.sourceforge.net>
+
+      * generic/tclCompCmds.c (TclCompileIfCmd):  Prior fix of Bug 711371
+      on 2003-04-07 introduced a buffer overflow.  Corrected.  [Bug 771613]
+
 2003-07-15  Kevin B. Kenny  <kennykb@acm.org>
 
 	* win/rules.vc: Added a missing $(OPTDEFINES) which broke the
diff --git a/generic/tclCompCmds.c b/generic/tclCompCmds.c
index 139463f..47292f3 100644
--- a/generic/tclCompCmds.c
+++ b/generic/tclCompCmds.c
@@ -11,7 +11,7 @@
  * See the file "license.terms" for information on usage and redistribution
  * of this file, and for a DISCLAIMER OF ALL WARRANTIES.
  *
- * RCS: @(#) $Id: tclCompCmds.c,v 1.49 2003/05/05 20:54:38 dgp Exp $
+ * RCS: @(#) $Id: tclCompCmds.c,v 1.50 2003/07/15 21:01:38 dgp Exp $
  */
 
 #include "tclInt.h"
@@ -1195,7 +1195,7 @@ TclCompileIfCmd(interp, parsePtr, envPtr)
 	if (wordIdx >= numWords) {
 	    sprintf(buffer,
 	            "wrong # args: no expression after \"%.*s\" argument",
-		    numBytes, word);
+		    (numBytes > 50 ? 50 : numBytes), word);
 	    Tcl_ResetResult(interp);
 	    Tcl_AppendToObj(Tcl_GetObjResult(interp), buffer, -1);
 	    code = TCL_ERROR;
@@ -1257,7 +1257,10 @@ TclCompileIfCmd(interp, parsePtr, envPtr)
 	tokenPtr = testTokenPtr + (testTokenPtr->numComponents + 1);
 	wordIdx++;
 	if (wordIdx >= numWords) {
-	    sprintf(buffer, "wrong # args: no script following \"%.*s\" argument", testTokenPtr->size, testTokenPtr->start);
+	    sprintf(buffer,
+		    "wrong # args: no script following \"%.*s\" argument",
+		    (testTokenPtr->size > 50 ? 50 : testTokenPtr->size),
+		    testTokenPtr->start);
 	    Tcl_ResetResult(interp);
 	    Tcl_AppendToObj(Tcl_GetObjResult(interp), buffer, -1);
 	    code = TCL_ERROR;