From b9577c0641072a7e7060bad5357e549b75928132 Mon Sep 17 00:00:00 2001 From: sebres Date: Fri, 7 Sep 2018 10:45:30 +0000 Subject: closes [631b4c45df]: segfault by usage of wrong length (no string representation) --- generic/tclProc.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/generic/tclProc.c b/generic/tclProc.c index dc58cb0..e51f5b3 100644 --- a/generic/tclProc.c +++ b/generic/tclProc.c @@ -504,10 +504,11 @@ TclCreateProc( goto procError; } - nameLength = Tcl_NumUtfChars(Tcl_GetString(fieldValues[0]), fieldValues[0]->length); + argname = Tcl_GetStringFromObj(fieldValues[0], &plen); + nameLength = Tcl_NumUtfChars(argname, plen); if (fieldCount == 2) { - valueLength = Tcl_NumUtfChars(Tcl_GetString(fieldValues[1]), - fieldValues[1]->length); + const char * value = TclGetString(fieldValues[1]); + valueLength = Tcl_NumUtfChars(value, fieldValues[1]->length); } else { valueLength = 0; } @@ -516,7 +517,6 @@ TclCreateProc( * Check that the formal parameter name is a scalar. */ - argname = Tcl_GetStringFromObj(fieldValues[0], &plen); argnamei = argname; argnamelast = argname[plen-1]; while (plen--) { -- cgit v0.12 From e80eaec4d3430e0db5f54dde5059821f35e77637 Mon Sep 17 00:00:00 2001 From: sebres Date: Fri, 7 Sep 2018 11:55:01 +0000 Subject: amend to [e8ab4d85fa], proc.test: extended with new test-case to cover situation like [631b4c45df] --- tests/proc.test | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/proc.test b/tests/proc.test index e06720e..f70fcbd 100644 --- a/tests/proc.test +++ b/tests/proc.test @@ -110,6 +110,14 @@ test proc-1.8 {Tcl_ProcObjCmd, check that formal parameter names are simple name proc p {b:a b::a} { } } -returnCodes error -result {formal parameter "b::a" is not a simple name} +test proc-1.9 {Tcl_ProcObjCmd, arguments via canonical list (string-representation bug [631b4c45df])} -body { + set v 2 + binary scan AB cc a b + proc p [list [list a $a] [list b $b] [list v [expr {$v + 2}]]] {expr {$a + $b + $v}} + p +} -result [expr {65+66+4}] -cleanup { + rename p {} +} test proc-2.1 {TclFindProc, simple proc name and proc not in namespace} -setup { catch {namespace delete {*}[namespace children :: test_ns_*]} -- cgit v0.12 From 95db69f27b003d548813280a19d1b290332bf2ef Mon Sep 17 00:00:00 2001 From: dgp Date: Fri, 7 Sep 2018 12:04:32 +0000 Subject: Added test for [631b4c45df]. --- tests/proc.test | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/proc.test b/tests/proc.test index f70fcbd..8b25b0a 100644 --- a/tests/proc.test +++ b/tests/proc.test @@ -391,6 +391,14 @@ test proc-7.4 {Proc struct outlives its interp: Bug 3532959} { interp delete slave unset lambda } {} + +test proc-7.5 {[631b4c45df] Crash in argument processing} { + binary scan A c val + proc foo [list [list from $val]] {} + rename foo {} + unset -nocomplain val +} {} + # cleanup catch {rename p ""} -- cgit v0.12