From f5073685562dc7045d0f2a89722d4d948a3500b9 Mon Sep 17 00:00:00 2001
From: sebres
Date: Tue, 2 Jun 2020 17:01:52 +0000
Subject: avoid segfault if Tcl_FreeParse, if parse structure remains uninitialized (parse.tokenPtr may be used uninitialized, for instance it returns from Tcl_ParseCommand etc with error before TclParseInit gets called)
---
 generic/tclParse.c | 35 ++++++++++++++++-------------------
 1 file changed, 16 insertions(+), 19 deletions(-)
diff --git a/generic/tclParse.c b/generic/tclParse.c
index b1b8037..48d86ef 100644
--- a/generic/tclParse.c
+++ b/generic/tclParse.c
@@ -268,16 +268,16 @@ Tcl_ParseCommand(
 * point to char after terminating one. */
 int scanned;
+ if (numBytes < 0 && start) {
+ numBytes = strlen(start);
+ }
+ TclParseInit(interp, start, numBytes, parsePtr);
 if ((start == NULL) && (numBytes != 0)) {
 if (interp != NULL) {
 Tcl_SetResult(interp, "can't parse a NULL pointer", TCL_STATIC);
 }
 return TCL_ERROR;
 }
- if (numBytes < 0) {
- numBytes = strlen(start);
- }
- TclParseInit(interp, start, numBytes, parsePtr);
 parsePtr->commentStart = NULL;
 parsePtr->commentSize = 0;
 parsePtr->commandStart = NULL;
@@ -1421,16 +1421,15 @@ Tcl_ParseVarName(
 int varIndex;
 unsigned array;
- if ((numBytes == 0) || (start == NULL)) {
- return TCL_ERROR;
- }
- if (numBytes < 0) {
+ if (numBytes < 0 && start) {
 numBytes = strlen(start);
 }
-
 if (!append) {
 TclParseInit(interp, start, numBytes, parsePtr);
 }
+ if ((numBytes == 0) || (start == NULL)) {
+ return TCL_ERROR;
+ }
 /*
 * Generate one token for the variable, an additional token for the name,
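Review bot: With TclParseInit moved above the NULL check in Tcl_ParseCommand, the error path now reaches it with `start == NULL` and a non-zero, possibly negative, `numBytes`. TclParseInit's body is not part of this hunk; if it derives an end pointer as `start + numBytes`, that is pointer arithmetic on NULL, which is undefined even though the result is never dereferenced, and sanitizer builds may report it. Passing a zero length in that case keeps parsePtr safe for Tcl_FreeParse without the non-zero offset: `TclParseInit(interp, start, start ? numBytes : 0, parsePtr);`. The same applies to the `if (!append)` init calls in Tcl_ParseVarName, Tcl_ParseBraces and Tcl_ParseQuotedString in the later hunks. The function body continues outside the hunk.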
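Review bot: Nothing in Tcl_ParseVarName records why TclParseInit now runs before the `(numBytes == 0) || (start == NULL)` check, so a later cleanup could move the early return back to the top and reintroduce the uninitialized `tokenPtr`. A comment above the `if (!append)` block would pin the ordering, e.g. `/* Initialize before any error return so the caller may always call Tcl_FreeParse. */`. When `append` is non-zero the init is skipped, so the guarantee there rests on the caller having initialized parsePtr already; the comment should say so. The same comment fits the identical blocks in Tcl_ParseBraces and Tcl_ParseQuotedString. The function body starts and ends outside the hunk.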
@@ -1707,16 +1706,15 @@ Tcl_ParseBraces(
 register const char *src;
 int startIndex, level, length;
- if ((numBytes == 0) || (start == NULL)) {
- return TCL_ERROR;
- }
- if (numBytes < 0) {
+ if (numBytes < 0 && start) {
 numBytes = strlen(start);
 }
-
 if (!append) {
 TclParseInit(interp, start, numBytes, parsePtr);
 }
+ if ((numBytes == 0) || (start == NULL)) {
+ return TCL_ERROR;
+ }
 src = start;
 startIndex = parsePtr->numTokens;
@@ -1904,16 +1902,15 @@ Tcl_ParseQuotedString(
 * the quoted string's terminating close-quote
 * if the parse succeeds. */
 {
- if ((numBytes == 0) || (start == NULL)) {
- return TCL_ERROR;
- }
- if (numBytes < 0) {
+ if (numBytes < 0 && start) {
 numBytes = strlen(start);
 }
-
 if (!append) {
 TclParseInit(interp, start, numBytes, parsePtr);
 }
+ if ((numBytes == 0) || (start == NULL)) {
+ return TCL_ERROR;
+ }
 if (TCL_OK != ParseTokens(start+1, numBytes-1, TYPE_QUOTE, TCL_SUBST_ALL, parsePtr)) {
--
cgit v0.12