summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordkf <donal.k.fellows@manchester.ac.uk>2011-08-30 00:05:19 (GMT)
committerdkf <donal.k.fellows@manchester.ac.uk>2011-08-30 00:05:19 (GMT)
commitc920fce750db18f523a53b78892cb2c1610f5fcc (patch)
treeb5c0fc271ea0fd6dbddade04e906a194ddd9294e
parent379048cb89b55b63858d61a573dbe5537b3656e5 (diff)
downloadtcl-c920fce750db18f523a53b78892cb2c1610f5fcc.zip
tcl-c920fce750db18f523a53b78892cb2c1610f5fcc.tar.gz
tcl-c920fce750db18f523a53b78892cb2c1610f5fcc.tar.bz2
[Bug 3398794]: Use Tcl errors in scripts, not panics.
-rw-r--r--ChangeLog34
-rw-r--r--generic/tclInterp.c26
-rw-r--r--tests/interp.test7
3 files changed, 54 insertions, 13 deletions
diff --git a/ChangeLog b/ChangeLog
index c6dc4a3..9bec595 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,22 +1,30 @@
+2011-08-30 Donal K. Fellows <dkf@users.sf.net>
+
+ * generic/tclInterp.c (SlaveCommandLimitCmd, SlaveTimeLimitCmd):
+ [Bug 3398794]: Ensure that low-level conditions in the limit API are
+ enforced at the script level through errors, not a Tcl_Panic. This
+ means that interpreters cannot read their own limits (writing already
+ did not work).
+
2011-08-19 Alexandre Ferrieux <ferrieux@users.sourceforge.net>
- * generic/tclTest.c: [Bug 2981154] async-4.3 segfault.
- * tests/async.test: [Bug 1774689] async-4.3 sometimes fails.
+ * generic/tclTest.c: [Bug 2981154]: async-4.3 segfault.
+ * tests/async.test: [Bug 1774689]: async-4.3 sometimes fails.
2011-08-18 Jan Nijtmans <nijtmans@users.sf.net>
- * generic/tclUniData.c: [Bug 3393714] overflow in toupper delta
+ * generic/tclUniData.c: [Bug 3393714]: Overflow in toupper delta
* tools/uniParse.tcl
* tests/utf.test
2011-08-17 Don Porter <dgp@users.sourceforge.net>
- * generic/tclGet.c: [Bug 3393150] Overlooked free of intreps.
+ * generic/tclGet.c: [Bug 3393150]: Overlooked free of intreps.
(It matters for bignums!)
2011-08-16 Jan Nijtmans <nijtmans@users.sf.net>
- * generic/tclCmdAH.c: [Bug 3388350] mingw64 compiler warnings
+ * generic/tclCmdAH.c: [Bug 3388350]: mingw64 compiler warnings
* generic/tclFCmd.c In mingw, sys/stat.h must be included
* generic/tclFileName.c before winsock2.h, so make sure of that.
* generic/tclIOUtil.c
@@ -35,11 +43,11 @@
2011-08-15 Don Porter <dgp@users.sourceforge.net>
- * generic/tclBasic.c: [Bug 3390272] Leak of [info script] value.
+ * generic/tclBasic.c: [Bug 3390272]: Leak of [info script] value.
2011-08-15 Jan Nijtmans <nijtmans@users.sf.net>
- * win/tclWinPort.h: [Bug 3388350] mingw64 compiler warnings
+ * win/tclWinPort.h: [Bug 3388350]: mingw64 compiler warnings
* win/tclWinPipe.c
* win/tclWinSock.c
* win/configure.in
@@ -49,20 +57,20 @@
2011-08-12 Don Porter <dgp@users.sourceforge.net>
- * generic/tclPathObj.c: [Bug 3389764] Eliminate possibility that dup
+ * generic/tclPathObj.c: [Bug 3389764]: Eliminate possibility that dup
of a "path" value can create reference cycle.
2011-08-09 Jan Nijtmans <nijtmans@users.sf.net>
- * win/tclWinConsole.c: [Bug 3388350] mingw64 compiler warnings
+ * win/tclWinConsole.c: [Bug 3388350]: mingw64 compiler warnings
* win/tclWinDde.c
* win/tclWinPipe.c
* win/tclWinSerial.c
2011-08-05 Kevin B. Kenny <kennykb@acm.org>
- * generic/tclStrToD.c: Plugged a memory leak in double->string
- conversion. [Bug 3386975]
+ * generic/tclStrToD.c: [Bug 3386975]: Plugged a memory leak in
+ double->string conversion.
2011-07-28 Don Porter <dgp@users.sourceforge.net>
@@ -87,11 +95,11 @@
2011-07-21 Jan Nijtmans <nijtmans@users.sf.net>
- * win/tclWinPort.h: [Bug 3372130] Fix hypot math function with MSVC10
+ * win/tclWinPort.h: [Bug 3372130]: Fix hypot math function with MSVC10
2011-07-19 Don Porter <dgp@users.sourceforge.net>
- * generic/tclUtil.c: [Bug 3371644] Repair failure to properly handle
+ * generic/tclUtil.c: [Bug 3371644]: Repair failure to properly handle
* tests/util.test: (length == -1) scanning in TclConvertElement().
2011-07-15 Don Porter <dgp@users.sourceforge.net>
diff --git a/generic/tclInterp.c b/generic/tclInterp.c
index 0b05913..058714f 100644
--- a/generic/tclInterp.c
+++ b/generic/tclInterp.c
@@ -4133,6 +4133,19 @@ SlaveCommandLimitCmd(
ScriptLimitCallback *limitCBPtr;
Tcl_HashEntry *hPtr;
+ /*
+ * First, ensure that we are not reading or writing the calling
+ * interpreter's limits; it may only manipulate its children. Note that
+ * the low level API enforces this with Tcl_Panic, which we want to
+ * avoid. [Bug 3398794]
+ */
+
+ if (interp == slaveInterp) {
+ Tcl_AppendResult(interp,
+ "limits on current interpreter inaccessible", NULL);
+ return TCL_ERROR;
+ }
+
if (objc == consumedObjc) {
Tcl_Obj *dictPtr;
@@ -4304,6 +4317,19 @@ SlaveTimeLimitCmd(
ScriptLimitCallback *limitCBPtr;
Tcl_HashEntry *hPtr;
+ /*
+ * First, ensure that we are not reading or writing the calling
+ * interpreter's limits; it may only manipulate its children. Note that
+ * the low level API enforces this with Tcl_Panic, which we want to
+ * avoid. [Bug 3398794]
+ */
+
+ if (interp == slaveInterp) {
+ Tcl_AppendResult(interp,
+ "limits on current interpreter inaccessible", NULL);
+ return TCL_ERROR;
+ }
+
if (objc == consumedObjc) {
Tcl_Obj *dictPtr;
diff --git a/tests/interp.test b/tests/interp.test
index 5e6d6b0..510ab4a 100644
--- a/tests/interp.test
+++ b/tests/interp.test
@@ -3429,6 +3429,13 @@ test interp-35.22 {interp time limits normalize milliseconds} -body {
} -cleanup {
interp delete $i
} -result {2 500}
+# Bug 3398794
+test interp-35.23 {interp command limits can't touch current interp} -body {
+ interp limit {} commands -value 10
+} -returnCodes error -result {limits on current interpreter inaccessible}
+test interp-35.24 {interp time limits can't touch current interp} -body {
+ interp limit {} time -seconds 2
+} -returnCodes error -result {limits on current interpreter inaccessible}
test interp-36.1 {interp bgerror syntax} -body {
interp bgerror