diff options
-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | generic/tcl.h | 4 | ||||
-rw-r--r-- | generic/tclCkalloc.c | 8 | ||||
-rw-r--r-- | generic/tclCompile.c | 7 | ||||
-rw-r--r-- | generic/tclHash.c | 14 | ||||
-rw-r--r-- | generic/tclIO.h | 8 | ||||
-rw-r--r-- | generic/tclInt.h | 4 | ||||
-rw-r--r-- | generic/tclProc.c | 7 |
8 files changed, 36 insertions, 26 deletions
@@ -1,3 +1,13 @@ +2010-12-10 Jan Nijtmans <nijtmans@users.sf.net> + + * generic/tcl.h: [Bug 3129448]: Possible over-allocation on + * generic/tclCkalloc.c: 64-bit platforms, part 2 + * generic/tclCompile.c: + * generic/tclHash.c: + * generic/tclInt.h: + * generic/tclIO.h: + * generic/tclProc.c: + 2010-12-10 Alexandre Ferrieux <ferrieux@users.sourceforge.net> * generic/tclIO.c: Make sure [fcopy -size ... -command ...] always diff --git a/generic/tcl.h b/generic/tcl.h index 76e7c86..2e4b1fc 100644 --- a/generic/tcl.h +++ b/generic/tcl.h @@ -13,7 +13,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tcl.h,v 1.308 2010/08/14 20:58:30 nijtmans Exp $ + * RCS: @(#) $Id: tcl.h,v 1.309 2010/12/10 21:59:24 nijtmans Exp $ */ #ifndef _TCL @@ -1165,7 +1165,7 @@ struct Tcl_HashEntry { int words[1]; /* Multiple integer words for key. The actual * size will be as large as necessary for this * table's keys. */ - char string[4]; /* String for key. The actual size will be as + char string[1]; /* String for key. The actual size will be as * large as needed to hold the key. */ } key; /* MUST BE LAST FIELD IN RECORD!! */ }; diff --git a/generic/tclCkalloc.c b/generic/tclCkalloc.c index 4314554..414344a 100644 --- a/generic/tclCkalloc.c +++ b/generic/tclCkalloc.c @@ -14,7 +14,7 @@ * * This code contributed by Karl Lehenbauer and Mark Diekhans * - * RCS: @(#) $Id: tclCkalloc.c,v 1.42 2010/12/06 09:01:49 nijtmans Exp $ + * RCS: @(#) $Id: tclCkalloc.c,v 1.43 2010/12/10 21:59:23 nijtmans Exp $ */ #include "tclInt.h" @@ -814,6 +814,7 @@ MemoryCmd( FILE *fileP; Tcl_DString buffer; int result; + size_t len; if (argc < 2) { Tcl_AppendResult(interp, "wrong # args: should be \"", argv[0], @@ -909,9 +910,10 @@ MemoryCmd( if ((curTagPtr != NULL) && (curTagPtr->refCount == 0)) { TclpFree((char *) curTagPtr); } - curTagPtr = (MemTag *) TclpAlloc(TAG_SIZE(strlen(argv[2]))); + len = strlen(argv[2]); + curTagPtr = (MemTag *) TclpAlloc(TAG_SIZE(len)); curTagPtr->refCount = 0; - strcpy(curTagPtr->string, argv[2]); + memcpy(curTagPtr->string, argv[2], len + 1); return TCL_OK; } if (strcmp(argv[1],"trace") == 0) { diff --git a/generic/tclCompile.c b/generic/tclCompile.c index d40af69..96d9896 100644 --- a/generic/tclCompile.c +++ b/generic/tclCompile.c @@ -11,7 +11,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclCompile.c,v 1.193 2010/10/20 20:52:27 ferrieux Exp $ + * RCS: @(#) $Id: tclCompile.c,v 1.194 2010/12/10 21:59:23 nijtmans Exp $ */ #include "tclInt.h" @@ -2600,8 +2600,7 @@ TclFindCompiledLocal( if (create || (name == NULL)) { localVar = procPtr->numCompiledLocals; localPtr = (CompiledLocal *) ckalloc((unsigned) - (sizeof(CompiledLocal) - sizeof(localPtr->name) - + nameBytes + 1)); + (TclOffset(CompiledLocal, name) + nameBytes + 1)); if (procPtr->firstLocalPtr == NULL) { procPtr->firstLocalPtr = procPtr->lastLocalPtr = localPtr; } else { @@ -4404,7 +4403,7 @@ static void UpdateStringOfInstName(Tcl_Obj *objPtr) } len = strlen(s); objPtr->bytes = ckalloc((unsigned) len + 1); - strcpy(objPtr->bytes, s); + memcpy(objPtr->bytes, s, len + 1); objPtr->length = len; } diff --git a/generic/tclHash.c b/generic/tclHash.c index e778104..c7a550f 100644 --- a/generic/tclHash.c +++ b/generic/tclHash.c @@ -10,7 +10,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclHash.c,v 1.47 2010/12/01 09:58:52 nijtmans Exp $ + * RCS: @(#) $Id: tclHash.c,v 1.48 2010/12/10 21:59:23 nijtmans Exp $ */ #include "tclInt.h" @@ -829,14 +829,14 @@ AllocStringEntry( { const char *string = (const char *) keyPtr; Tcl_HashEntry *hPtr; - unsigned int size; + unsigned int size, allocsize; - size = sizeof(Tcl_HashEntry) + strlen(string) + 1 - sizeof(hPtr->key); - if (size < sizeof(Tcl_HashEntry)) { - size = sizeof(Tcl_HashEntry); + allocsize = size = strlen(string) + 1; + if (size < sizeof(hPtr->key)) { + allocsize = sizeof(hPtr->key); } - hPtr = (Tcl_HashEntry *) ckalloc(size); - strcpy(hPtr->key.string, string); + hPtr = (Tcl_HashEntry *) ckalloc(TclOffset(Tcl_HashEntry, key) + allocsize); + memcpy(hPtr->key.string, string, size); hPtr->clientData = 0; return hPtr; } diff --git a/generic/tclIO.h b/generic/tclIO.h index 5ff855f..8616c69 100644 --- a/generic/tclIO.h +++ b/generic/tclIO.h @@ -10,7 +10,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclIO.h,v 1.17 2010/03/20 15:39:46 dkf Exp $ + * RCS: @(#) $Id: tclIO.h,v 1.18 2010/12/10 21:59:24 nijtmans Exp $ */ /* @@ -65,13 +65,13 @@ typedef struct ChannelBuffer { int bufLength; /* How big is the buffer? */ struct ChannelBuffer *nextPtr; /* Next buffer in chain. */ - char buf[4]; /* Placeholder for real buffer. The real - * buffer occuppies this space + bufSize-4 + char buf[1]; /* Placeholder for real buffer. The real + * buffer occuppies this space + bufSize-1 * bytes. This must be the last field in the * structure. */ } ChannelBuffer; -#define CHANNELBUFFER_HEADER_SIZE (sizeof(ChannelBuffer) - 4) +#define CHANNELBUFFER_HEADER_SIZE TclOffset(ChannelBuffer, buf) /* * How much extra space to allocate in buffer to hold bytes from previous diff --git a/generic/tclInt.h b/generic/tclInt.h index d107f2c..f759593 100644 --- a/generic/tclInt.h +++ b/generic/tclInt.h @@ -15,7 +15,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclInt.h,v 1.489 2010/12/09 15:09:08 dkf Exp $ + * RCS: @(#) $Id: tclInt.h,v 1.490 2010/12/10 21:59:23 nijtmans Exp $ */ #ifndef _TCLINT @@ -954,7 +954,7 @@ typedef struct CompiledLocal { * is marked by a unique ClientData tag during * compilation, and that same tag is used to * find the variable at runtime. */ - char name[4]; /* Name of the local variable starts here. If + char name[1]; /* Name of the local variable starts here. If * the name is NULL, this will just be '\0'. * The actual size of this field will be large * enough to hold the name. MUST BE THE LAST diff --git a/generic/tclProc.c b/generic/tclProc.c index 315af88..bfc101c 100644 --- a/generic/tclProc.c +++ b/generic/tclProc.c @@ -12,7 +12,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclProc.c,v 1.182 2010/09/27 19:42:38 msofer Exp $ + * RCS: @(#) $Id: tclProc.c,v 1.183 2010/12/10 21:59:23 nijtmans Exp $ */ #include "tclInt.h" @@ -622,8 +622,7 @@ TclCreateProc( */ localPtr = (CompiledLocal *) ckalloc((unsigned) - (sizeof(CompiledLocal) - sizeof(localPtr->name) - + nameLength + 1)); + (TclOffset(CompiledLocal, name) + nameLength + 1)); if (procPtr->firstLocalPtr == NULL) { procPtr->firstLocalPtr = procPtr->lastLocalPtr = localPtr; } else { @@ -643,7 +642,7 @@ TclCreateProc( } else { localPtr->defValuePtr = NULL; } - strcpy(localPtr->name, fieldValues[0]); + memcpy(localPtr->name, fieldValues[0], nameLength + 1); if ((i == numArgs - 1) && (localPtr->nameLength == 4) && (localPtr->name[0] == 'a') |