From bd8f54a3a1f6e7c92b5e1709040f191d8e9a59a9 Mon Sep 17 00:00:00 2001
From: Miguel Sofer <miguel.sofer@gmail.com>
Date: Tue, 29 Jul 2008 13:51:00 +0000
Subject: 	* generic/tclExecute.c:  fix [Bug 2030670] that cause 
 TclStackRealloc to panic on rare corner cases. Thx ajpasadyn for 
 diagnose and patch.

---
 ChangeLog            |  6 ++++++
 generic/tclExecute.c | 11 ++++++-----
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index b7c0484..b369a57 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2008-07-29  Miguel Sofer  <msofer@users.sf.net>
+
+	* generic/tclExecute.c:  fix [Bug 2030670] that cause
+	TclStackRealloc to panic on rare corner cases. Thx ajpasadyn for
+	diagnose and patch.
+
 2008-07-28  Andreas Kupries  <andreask@activestate.com>
 
 	* generic/tclBasic.c: Added missing ref count when creating an
diff --git a/generic/tclExecute.c b/generic/tclExecute.c
index 7866a7c..833197a 100644
--- a/generic/tclExecute.c
+++ b/generic/tclExecute.c
@@ -13,7 +13,7 @@
  * See the file "license.terms" for information on usage and redistribution of
  * this file, and for a DISCLAIMER OF ALL WARRANTIES.
  *
- * RCS: @(#) $Id: tclExecute.c,v 1.369.2.2 2008/07/22 21:41:13 andreas_kupries Exp $
+ * RCS: @(#) $Id: tclExecute.c,v 1.369.2.3 2008/07/29 13:51:11 msofer Exp $
  */
 
 #include "tclInt.h"
@@ -915,6 +915,7 @@ GrowEvaluationStack(
     int newBytes, newElems, currElems;
     int needed = growth - (esPtr->endPtr - esPtr->tosPtr);
     Tcl_Obj **markerPtr = esPtr->markerPtr, **memStart;
+    int moveWords = 0;
 
     if (move) {
 	if (!markerPtr) {
@@ -949,9 +950,9 @@ GrowEvaluationStack(
      */
 
     if (move) {
-	move = esPtr->tosPtr - MEMSTART(markerPtr) + 1;
+	moveWords = esPtr->tosPtr - MEMSTART(markerPtr) + 1;
     }
-    needed = growth + move + WALLOCALIGN - 1;
+    needed = growth + moveWords + WALLOCALIGN - 1;
 
     /*
      * Check if there is enough room in the next stack (if there is one, it
@@ -1011,8 +1012,8 @@ GrowEvaluationStack(
     esPtr->tosPtr = memStart - 1;
     
     if (move) {
-	memcpy(memStart, MEMSTART(markerPtr), move*sizeof(Tcl_Obj *));
-	esPtr->tosPtr += move;
+	memcpy(memStart, MEMSTART(markerPtr), moveWords*sizeof(Tcl_Obj *));
+	esPtr->tosPtr += moveWords;
 	oldPtr->markerPtr = (Tcl_Obj **) *markerPtr;
 	oldPtr->tosPtr = markerPtr-1;
     }
-- 
cgit v0.12