summaryrefslogtreecommitdiffstats
path: root/ChangeLog
diff options
context:
space:
mode:
authorandreas_kupries <akupries@shaw.ca>2002-01-17 20:35:20 (GMT)
committerandreas_kupries <akupries@shaw.ca>2002-01-17 20:35:20 (GMT)
commit1979c67a816d1ee384f9c594443f80de15bb8f8f (patch)
tree444866d62a4dac9b3921e406f9a044c25f9b6ddf /ChangeLog
parentda695737da4c009e056cbab6bad11df88e2ad058 (diff)
downloadtcl-1979c67a816d1ee384f9c594443f80de15bb8f8f.zip
tcl-1979c67a816d1ee384f9c594443f80de15bb8f8f.tar.gz
tcl-1979c67a816d1ee384f9c594443f80de15bb8f8f.tar.bz2
* generic/tclIOCmd.c (Tcl_GetsObjCmd): Fixed bug #504642 as
reported by Brian Griffin <bgriffin@users.sourceforge.net>, using his patch. Before the patch the generic I/O layer held an unannounced reference to the interp result to store the read line into. This unfortunately has disastrous results if the channel driver executes a tcl script to perform its operation, this freeing the interp result. In that case we are dereferencing essentially a dangling reference. It is not truly dangling because the object is in the free list, but this only causes us to smash the free list and have the error occur later somewhere else. The patch simply creates a new object for the line and later sets it into the interp result when we are done with reading.
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog16
1 files changed, 16 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 707f919..4d33b26 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,19 @@
+2002-01-17 Andreas Kupries <andreas_kupries@users.sourceforge.net>
+
+ * generic/tclIOCmd.c (Tcl_GetsObjCmd): Fixed bug #504642 as
+ reported by Brian Griffin <bgriffin@users.sourceforge.net>,
+ using his patch. Before the patch the generic I/O layer held an
+ unannounced reference to the interp result to store the read
+ line into. This unfortunately has disastrous results if the
+ channel driver executes a tcl script to perform its operation,
+ this freeing the interp result. In that case we are
+ dereferencing essentially a dangling reference. It is not truly
+ dangling because the object is in the free list, but this only
+ causes us to smash the free list and have the error occur later
+ somewhere else. The patch simply creates a new object for the
+ line and later sets it into the interp result when we are done
+ with reading.
+
2002-01-16 Mo DeJong <mdejong@users.sourceforge.net>
* unix/tcl.m4 (SC_LOAD_TCLCONFIG):