summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordkf <donal.k.fellows@manchester.ac.uk>2010-08-19 10:04:14 (GMT)
committerdkf <donal.k.fellows@manchester.ac.uk>2010-08-19 10:04:14 (GMT)
commitcf776b747dcba5470727998f2fc84633b2cc5d1c (patch)
treea11df836ebaaa80784e40b4abf91e1ffb48f5c7a
parent5ed9fe2cc9c49f4a4233682d08b2f7d1293cf279 (diff)
downloadtcl-cf776b747dcba5470727998f2fc84633b2cc5d1c.zip
tcl-cf776b747dcba5470727998f2fc84633b2cc5d1c.tar.gz
tcl-cf776b747dcba5470727998f2fc84633b2cc5d1c.tar.bz2
* generic/tclTrace.c (TraceExecutionObjCmd, TraceCommandObjCmd)
(TraceVariableObjCmd): [Patch 3048354]: Use memcpy() instead of strcpy() to avoid buffer overflow; we have the correct length of data to copy anyway since we've just allocated the target buffer.
-rw-r--r--ChangeLog7
-rw-r--r--generic/tclTrace.c8
2 files changed, 11 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 642279a..8eac315 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2010-08-19 Donal K. Fellows <dkf@users.sf.net>
+
+ * generic/tclTrace.c (TraceExecutionObjCmd, TraceCommandObjCmd)
+ (TraceVariableObjCmd): [Patch 3048354]: Use memcpy() instead of
+ strcpy() to avoid buffer overflow; we have the correct length of data
+ to copy anyway since we've just allocated the target buffer.
+
2010-08-15 Donal K. Fellows <dkf@users.sf.net>
* generic/tclProc.c (ProcWrongNumArgs): [Bug 3045010]: Make the
diff --git a/generic/tclTrace.c b/generic/tclTrace.c
index 346defc..1a6d60d 100644
--- a/generic/tclTrace.c
+++ b/generic/tclTrace.c
@@ -11,7 +11,7 @@
* See the file "license.terms" for information on usage and redistribution of
* this file, and for a DISCLAIMER OF ALL WARRANTIES.
*
- * RCS: @(#) $Id: tclTrace.c,v 1.47.2.2 2009/10/17 22:35:58 dkf Exp $
+ * RCS: @(#) $Id: tclTrace.c,v 1.47.2.3 2010/08/19 10:04:15 dkf Exp $
*/
#include "tclInt.h"
@@ -466,7 +466,7 @@ TraceExecutionObjCmd(
TCL_TRACE_LEAVE_DURING_EXEC)) {
flags |= (TCL_TRACE_ENTER_EXEC | TCL_TRACE_LEAVE_EXEC);
}
- strcpy(tcmdPtr->command, command);
+ memcpy(tcmdPtr->command, command, length+1);
name = Tcl_GetString(objv[3]);
if (Tcl_TraceCommand(interp, name, flags, TraceCommandProc,
(ClientData) tcmdPtr) != TCL_OK) {
@@ -704,7 +704,7 @@ TraceCommandObjCmd(
tcmdPtr->length = length;
tcmdPtr->refCount = 1;
flags |= TCL_TRACE_DELETE;
- strcpy(tcmdPtr->command, command);
+ memcpy(tcmdPtr->command, command, length+1);
name = Tcl_GetString(objv[3]);
if (Tcl_TraceCommand(interp, name, flags, TraceCommandProc,
(ClientData) tcmdPtr) != TCL_OK) {
@@ -909,7 +909,7 @@ TraceVariableObjCmd(
}
ctvarPtr->traceCmdInfo.length = length;
flags |= TCL_TRACE_UNSETS | TCL_TRACE_RESULT_OBJECT;
- strcpy(ctvarPtr->traceCmdInfo.command, command);
+ memcpy(ctvarPtr->traceCmdInfo.command, command, length+1);
ctvarPtr->traceInfo.traceProc = TraceVarProc;
ctvarPtr->traceInfo.clientData = (ClientData)
&ctvarPtr->traceCmdInfo;