diff options
| author | dgp <dgp@users.sourceforge.net> | 2015-07-15 17:20:19 (GMT) |
|---|---|---|
| committer | dgp <dgp@users.sourceforge.net> | 2015-07-15 17:20:19 (GMT) |
| commit | 1a4e6b5d92e1b10d9d00d501de6d0affcfc0a861 (patch) | |
| tree | 45d0e35c8eb923f7fd4d1b53ef88e17e57a879a1 | |
| parent | 7b49d1632e55010e4cc776e0bc02e934d6cfbd3e (diff) | |
| parent | 60a6f1779d63826f13a027850cdd09054e00d3d8 (diff) | |
| download | tcl-1a4e6b5d92e1b10d9d00d501de6d0affcfc0a861.zip tcl-1a4e6b5d92e1b10d9d00d501de6d0affcfc0a861.tar.gz tcl-1a4e6b5d92e1b10d9d00d501de6d0affcfc0a861.tar.bz2 | |
[b1534b438b] Prevent read outside buffer boundaries.
| -rw-r--r-- | generic/tclIO.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/generic/tclIO.c b/generic/tclIO.c index 8b2e149..aad576a 100644 --- a/generic/tclIO.c +++ b/generic/tclIO.c @@ -4333,7 +4333,18 @@ Write( return -1; } flushed += statePtr->bufSize; - if (saved == 0 || src[-1] != '\n') { + + /* + * We just flushed. So if we have needNlFlush set to record + * that we need to flush because theres a (translated) newline + * in the buffer, that's likely not true any more. But there + * is a tricky exception. If we have saved bytes that did not + * really get flushed and those bytes came from a translation + * of a newline as the last thing taken from the src array, + * then needNlFlush needs to remain set to flag that the + * next buffer still needs a newline flush. + */ + if (needNlFlush && (saved == 0 || src[-1] != '\n')) { needNlFlush = 0; } } |