summaryrefslogtreecommitdiffstats
path: root/generic
diff options
context:
space:
mode:
authordgp <dgp@users.sourceforge.net>2003-07-15 20:51:48 (GMT)
committerdgp <dgp@users.sourceforge.net>2003-07-15 20:51:48 (GMT)
commit15a36c2b44761be8ef9d533a938f41d2c7748ad5 (patch)
tree344163bf98522decf14ed876202e0944def2caa0 /generic
parent8dd3ddd4e2847e9b1e950a02bc5edcd5313dc76a (diff)
downloadtcl-15a36c2b44761be8ef9d533a938f41d2c7748ad5.zip
tcl-15a36c2b44761be8ef9d533a938f41d2c7748ad5.tar.gz
tcl-15a36c2b44761be8ef9d533a938f41d2c7748ad5.tar.bz2
* generic/tclCompCmds.c (TclCompileIfCmd): Prior fix of Bug 711371
on 2003-04-07 introduced a buffer overflow. Corrected. [Bug 771613]
Diffstat (limited to 'generic')
-rw-r--r--generic/tclCompCmds.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/generic/tclCompCmds.c b/generic/tclCompCmds.c
index 644b807..42b8448 100644
--- a/generic/tclCompCmds.c
+++ b/generic/tclCompCmds.c
@@ -11,7 +11,7 @@
* See the file "license.terms" for information on usage and redistribution
* of this file, and for a DISCLAIMER OF ALL WARRANTIES.
*
- * RCS: @(#) $Id: tclCompCmds.c,v 1.39.2.1 2003/04/07 20:03:05 dgp Exp $
+ * RCS: @(#) $Id: tclCompCmds.c,v 1.39.2.2 2003/07/15 20:51:49 dgp Exp $
*/
#include "tclInt.h"
@@ -1197,7 +1197,7 @@ TclCompileIfCmd(interp, parsePtr, envPtr)
if (wordIdx >= numWords) {
sprintf(buffer,
"wrong # args: no expression after \"%.*s\" argument",
- numBytes, word);
+ (numBytes > 50 ? 50 : numBytes), word);
Tcl_ResetResult(interp);
Tcl_AppendToObj(Tcl_GetObjResult(interp), buffer, -1);
code = TCL_ERROR;
@@ -1259,7 +1259,10 @@ TclCompileIfCmd(interp, parsePtr, envPtr)
tokenPtr = testTokenPtr + (testTokenPtr->numComponents + 1);
wordIdx++;
if (wordIdx >= numWords) {
- sprintf(buffer, "wrong # args: no script following \"%.*s\" argument", testTokenPtr->size, testTokenPtr->start);
+ sprintf(buffer,
+ "wrong # args: no script following \"%.*s\" argument",
+ (testTokenPtr->size > 50 ? 50 : testTokenPtr->size),
+ testTokenPtr->start);
Tcl_ResetResult(interp);
Tcl_AppendToObj(Tcl_GetObjResult(interp), buffer, -1);
code = TCL_ERROR;