From 926696ccf982e1136d462237594ed5fd67f8f02f Mon Sep 17 00:00:00 2001
From: ferrieux
Date: Sat, 25 Feb 2017 22:42:47 +0000
Subject: Fix a 2002 bug detected by Brian Griffin : in the presence of [], ParseTokens overshoots the passed character range and trusts parsePtr->end instead.
---
 generic/tclParse.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/generic/tclParse.c b/generic/tclParse.c
index 71f51b6..2cc9c6b 100644
--- a/generic/tclParse.c
+++ b/generic/tclParse.c
@@ -1169,6 +1169,8 @@ ParseTokens(
 numBytes--;
 nestedPtr = TclStackAlloc(parsePtr->interp, sizeof(Tcl_Parse));
 while (1) {
+ const char *curEnd;
+
 if (Tcl_ParseCommand(parsePtr->interp, src, numBytes, 1, nestedPtr) != TCL_OK) {
 parsePtr->errorType = nestedPtr->errorType;
@@ -1177,8 +1179,9 @@ ParseTokens(
 TclStackFree(parsePtr->interp, nestedPtr);
 return TCL_ERROR;
 }
+ curEnd = src + numBytes;
 src = nestedPtr->commandStart + nestedPtr->commandSize;
- numBytes = parsePtr->end - src;
+ numBytes = curEnd - src;
 Tcl_FreeParse(nestedPtr);
 /*
--
cgit v0.12
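Review bot: In the second hunk, `numBytes = curEnd - src;` is only a valid remaining length if `nestedPtr->commandStart + nestedPtr->commandSize` never lands past `curEnd`, and nothing visible here checks that. If the nested parse ever overshot, the difference would go negative (assuming `numBytes` is a signed integer, which the hunk does not show) and the next `Tcl_ParseCommand` call would again read outside the range the caller passed. Since this commit fixes exactly that class of out-of-range read, I would state the invariant at the assignment, e.g. `/* curEnd: end of the range the caller passed in; parsePtr->end may lie beyond it. */` on `curEnd = src + numBytes;`, and consider a debug assertion that `src <= curEnd` before the subtraction. The loop body continues past the end of the hunk, so any remaining comparisons against `parsePtr->end` there deserve the same check. The diffstat shows only `generic/tclParse.c` changed, so no regression test pins the fix.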