From 6a3a8ae8ff86616bd067ce4fdc775550903afab9 Mon Sep 17 00:00:00 2001 From: "jan.nijtmans" Date: Thu, 16 Dec 2021 21:02:15 +0000 Subject: Suggested fix for [b0f84119c8]: TEBCresume(): undefined behavior for INST_LSHIFT --- generic/tclExecute.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/generic/tclExecute.c b/generic/tclExecute.c index 8963472..7e014d4 100644 --- a/generic/tclExecute.c +++ b/generic/tclExecute.c @@ -6379,10 +6379,10 @@ TEBCresume( * Handle shifts within the native long range. */ - if ((size_t) shift < CHAR_BIT*sizeof(long) && (l1 != 0) + if (((size_t) shift < CHAR_BIT*sizeof(long)) && !((l1>0 ? l1 : ~l1) & - -(1L<<(CHAR_BIT*sizeof(long) - 1 - shift)))) { - lResult = l1 << shift; + -(1UL<<(CHAR_BIT*sizeof(long) - 1 - shift)))) { + lResult = (unsigned long)l1 << shift; goto longResultOfArithmetic; } } -- cgit v0.12 From f3edde2f64fa0a8ca5db52a25ae371832a9af65b Mon Sep 17 00:00:00 2001 From: "jan.nijtmans" Date: Thu, 16 Dec 2021 21:25:52 +0000 Subject: Fix [d1434179b5]: avoid signed integer overflow in AppendUtfToUtfRep() --- generic/tclStringObj.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/generic/tclStringObj.c b/generic/tclStringObj.c index e30b9af..75b449d 100644 --- a/generic/tclStringObj.c +++ b/generic/tclStringObj.c @@ -1722,10 +1722,10 @@ AppendUtfToUtfRep( objPtr->length = 0; } oldLength = objPtr->length; - newLength = numBytes + oldLength; - if (newLength < 0) { + if (numBytes > INT_MAX - oldLength) { Tcl_Panic("max size for a Tcl value (%d bytes) exceeded", INT_MAX); } + newLength = numBytes + oldLength; stringPtr = GET_STRING(objPtr); if (newLength > stringPtr->allocated) { -- cgit v0.12 From a128b4d651075c9263df3e8959beaac5a403e54d Mon Sep 17 00:00:00 2001 From: "jan.nijtmans" Date: Sat, 18 Dec 2021 15:03:29 +0000 Subject: Fix [5507a9c096]: Small error on https://www.tcl.tk/man/tcl/TclCmd/try.html --- doc/try.n | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/try.n b/doc/try.n index eae4dc7..992dcea 100644 --- a/doc/try.n +++ b/doc/try.n @@ -87,7 +87,7 @@ Handle different reasons for a file to not be openable for reading: .PP .CS \fBtry\fR { - set f [open /some/file/name w] + set f [open /some/file/name r] } \fBtrap\fR {POSIX EISDIR} {} { puts "failed to open /some/file/name: it's a directory" } \fBtrap\fR {POSIX ENOENT} {} { -- cgit v0.12 From f60e1647996f8494c8eb64899086f74a43dc0120 Mon Sep 17 00:00:00 2001 From: "jan.nijtmans" Date: Sat, 18 Dec 2021 18:55:50 +0000 Subject: Make it impossible for the indexType object to cache negative index values. And - if it happens - at least don't crash on it. --- generic/tclIndexObj.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/generic/tclIndexObj.c b/generic/tclIndexObj.c index efa7373..8911f00 100644 --- a/generic/tclIndexObj.c +++ b/generic/tclIndexObj.c @@ -73,7 +73,7 @@ typedef struct { #define NEXT_ENTRY(table, offset) \ (&(STRING_AT(table, offset))) #define EXPAND_OF(indexRep) \ - STRING_AT((indexRep)->tablePtr, (indexRep)->offset*(indexRep)->index) + (((indexRep)->index >= 0) ? STRING_AT((indexRep)->tablePtr, (indexRep)->offset*(indexRep)->index) : "") /* *---------------------------------------------------------------------- @@ -280,7 +280,9 @@ Tcl_GetIndexFromObjStruct( if (objPtr && (objPtr->typePtr == &indexType)) { indexRep = objPtr->internalRep.twoPtrValue.ptr1; - if (indexRep->tablePtr==tablePtr && indexRep->offset==offset) { + if ((indexRep->tablePtr == tablePtr) + && (indexRep->offset == offset) + && (indexRep->index >= 0)) { *indexPtr = indexRep->index; return TCL_OK; } @@ -339,7 +341,7 @@ Tcl_GetIndexFromObjStruct( * operation. */ - if (objPtr) { + if (objPtr && (index >= 0)) { if (objPtr->typePtr == &indexType) { indexRep = objPtr->internalRep.twoPtrValue.ptr1; } else { -- cgit v0.12