From f9780ff1a6e2bee6f3025ef79c0d95a2c12e05c2 Mon Sep 17 00:00:00 2001 From: fvogel Date: Wed, 4 Oct 2017 05:14:42 +0000 Subject: Add test for [55b95f578a]: Associating variable with bignum value with scale crashes it (at this point the test produces a crash) --- tests/scale.test | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/scale.test b/tests/scale.test index 8c14ed4..384d117 100644 --- a/tests/scale.test +++ b/tests/scale.test @@ -1504,6 +1504,17 @@ test scale-20.8 {Bug [2262543fff] - Scale widget unexpectedly fires command call destroy .s } -result {10 10} +test scale-21 {Bug [55b95f578a] - Associating variable with bignum value with scale crashes it} -setup { + catch {destroy .s} +} -body { + pack [scale .s] + set foo 5.79e99 + # non-regression test for bug [55b95f578a] - shall just not crash + .s configure -variable foo +} -cleanup { + destroy .s +} -result {} + option clear # cleanup -- cgit v0.12 From 970b45c9307f0b9294d47aec76aa63f5fbf953ff Mon Sep 17 00:00:00 2001 From: fvogel Date: Sat, 7 Oct 2017 19:00:44 +0000 Subject: Fix [55b95f578a]: Associating variable with bignum value with scale crashes it. The added test (scale-21) passes. --- generic/tkScale.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/generic/tkScale.c b/generic/tkScale.c index cbc5202..5658e5d 100644 --- a/generic/tkScale.c +++ b/generic/tkScale.c @@ -677,9 +677,9 @@ ConfigureScale( } else { char varString[TCL_DOUBLE_SPACE], scaleString[TCL_DOUBLE_SPACE]; - sprintf(varString, scalePtr->format, varValue); - sprintf(scaleString, scalePtr->format, scalePtr->value); - if (strcmp(varString, scaleString)) { + Tcl_PrintDouble(NULL, varValue, varString); + Tcl_PrintDouble(NULL, scalePtr->value, scaleString); + if (strcmp(varString, scaleString)) { ScaleSetVariable(scalePtr); } } -- cgit v0.12 From 9bc06658d8776b1b848185dce6ccebc96533d2c2 Mon Sep 17 00:00:00 2001 From: fvogel Date: Sat, 7 Oct 2017 20:08:57 +0000 Subject: Fix more issues with sprintf in the scale widget. --- generic/tkScale.c | 19 ++++++++++++++++--- macosx/tkMacOSXScale.c | 5 ++++- unix/tkUnixScale.c | 22 ++++++++++++++++++---- 3 files changed, 38 insertions(+), 8 deletions(-) diff --git a/generic/tkScale.c b/generic/tkScale.c index 5658e5d..ef67630 100644 --- a/generic/tkScale.c +++ b/generic/tkScale.c @@ -21,6 +21,10 @@ #include "tkInt.h" #include "tkScale.h" +#if defined(_WIN32) +#define snprintf _snprintf +#endif + /* * The following table defines the legal values for the -orient option. It is * used together with the "enum orient" declaration in tkScale.h. @@ -936,10 +940,16 @@ ComputeScaleGeometry( * whichever length is longer. */ - sprintf(valueString, scalePtr->format, scalePtr->fromValue); + if (snprintf(valueString, TCL_DOUBLE_SPACE, scalePtr->format, + scalePtr->fromValue) < 0) { + valueString[TCL_DOUBLE_SPACE - 1] = '\0'; + } valuePixels = Tk_TextWidth(scalePtr->tkfont, valueString, -1); - sprintf(valueString, scalePtr->format, scalePtr->toValue); + if (snprintf(valueString, TCL_DOUBLE_SPACE, scalePtr->format, + scalePtr->toValue) < 0) { + valueString[TCL_DOUBLE_SPACE - 1] = '\0'; + } tmp = Tk_TextWidth(scalePtr->tkfont, valueString, -1); if (valuePixels < tmp) { valuePixels = tmp; @@ -1314,7 +1324,10 @@ ScaleSetVariable( if (scalePtr->varNamePtr != NULL) { char string[TCL_DOUBLE_SPACE]; - sprintf(string, scalePtr->format, scalePtr->value); + if (snprintf(string, TCL_DOUBLE_SPACE, scalePtr->format, + scalePtr->value) < 0) { + string[TCL_DOUBLE_SPACE - 1] = '\0'; + } scalePtr->flags |= SETTING_VAR; Tcl_ObjSetVar2(scalePtr->interp, scalePtr->varNamePtr, NULL, Tcl_NewStringObj(string, -1), TCL_GLOBAL_ONLY); diff --git a/macosx/tkMacOSXScale.c b/macosx/tkMacOSXScale.c index c5a6f76..8a6a96b 100644 --- a/macosx/tkMacOSXScale.c +++ b/macosx/tkMacOSXScale.c @@ -171,7 +171,10 @@ TkpDisplayScale( Tcl_Preserve((ClientData) scalePtr); if ((scalePtr->flags & INVOKE_COMMAND) && (scalePtr->command != NULL)) { Tcl_Preserve((ClientData) interp); - sprintf(string, scalePtr->format, scalePtr->value); + if (snprintf(string, TCL_DOUBLE_SPACE, scalePtr->format, + scalePtr->value) < 0) { + string[TCL_DOUBLE_SPACE - 1] = '\0'; + } Tcl_DStringInit(&buf); Tcl_DStringAppend(&buf, scalePtr->command, -1); Tcl_DStringAppend(&buf, " ", -1); diff --git a/unix/tkUnixScale.c b/unix/tkUnixScale.c index c348037..8f88018 100644 --- a/unix/tkUnixScale.c +++ b/unix/tkUnixScale.c @@ -13,6 +13,10 @@ #include "tkInt.h" #include "tkScale.h" +#if defined(_WIN32) +#define snprintf _snprintf +#endif + /* * Forward declarations for functions defined later in this file: */ @@ -267,7 +271,9 @@ DisplayVerticalValue( Tk_GetFontMetrics(scalePtr->tkfont, &fm); y = TkScaleValueToPixel(scalePtr, value) + fm.ascent/2; - sprintf(valueString, scalePtr->format, value); + if (snprintf(valueString, TCL_DOUBLE_SPACE, scalePtr->format, value) < 0) { + valueString[TCL_DOUBLE_SPACE - 1] = '\0'; + } length = (int) strlen(valueString); width = Tk_TextWidth(scalePtr->tkfont, valueString, length); @@ -352,7 +358,10 @@ DisplayHorizontalScale( ticks = fabs((scalePtr->toValue - scalePtr->fromValue) / tickInterval); - sprintf(valueString, scalePtr->format, scalePtr->fromValue); + if (snprintf(valueString, TCL_DOUBLE_SPACE, scalePtr->format, + scalePtr->fromValue) < 0) { + valueString[TCL_DOUBLE_SPACE - 1] = '\0'; + } maxTicks = (double) Tk_Width(tkwin) / (double) Tk_TextWidth(scalePtr->tkfont, valueString, -1); if (ticks > maxTicks) { @@ -484,7 +493,9 @@ DisplayHorizontalValue( x = TkScaleValueToPixel(scalePtr, value); Tk_GetFontMetrics(scalePtr->tkfont, &fm); y = top + fm.ascent; - sprintf(valueString, scalePtr->format, value); + if (snprintf(valueString, TCL_DOUBLE_SPACE, scalePtr->format, value) < 0) { + valueString[TCL_DOUBLE_SPACE - 1] = '\0'; + } length = (int) strlen(valueString); width = Tk_TextWidth(scalePtr->tkfont, valueString, length); @@ -551,7 +562,10 @@ TkpDisplayScale( Tcl_Preserve(scalePtr); if ((scalePtr->flags & INVOKE_COMMAND) && (scalePtr->command != NULL)) { Tcl_Preserve(interp); - sprintf(string, scalePtr->format, scalePtr->value); + if (snprintf(string, TCL_DOUBLE_SPACE, scalePtr->format, + scalePtr->value) < 0) { + string[TCL_DOUBLE_SPACE - 1] = '\0'; + } Tcl_DStringInit(&buf); Tcl_DStringAppend(&buf, scalePtr->command, -1); Tcl_DStringAppend(&buf, " ", -1); -- cgit v0.12 From 20a05b8bc7cbd7e31d4fd0f094d3849945118a77 Mon Sep 17 00:00:00 2001 From: fvogel Date: Sat, 7 Oct 2017 20:18:19 +0000 Subject: Renamed test scale-21 to scale-21.1, and added scale-21.2 to test huge values for -from and -to options of the scale widget. --- tests/scale.test | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/tests/scale.test b/tests/scale.test index 384d117..79524eb 100644 --- a/tests/scale.test +++ b/tests/scale.test @@ -1504,7 +1504,7 @@ test scale-20.8 {Bug [2262543fff] - Scale widget unexpectedly fires command call destroy .s } -result {10 10} -test scale-21 {Bug [55b95f578a] - Associating variable with bignum value with scale crashes it} -setup { +test scale-21.1 {Bug [55b95f578a] - Associating variable with bignum value with scale crashes it} -setup { catch {destroy .s} } -body { pack [scale .s] @@ -1514,6 +1514,15 @@ test scale-21 {Bug [55b95f578a] - Associating variable with bignum value with sc } -cleanup { destroy .s } -result {} +test scale-21.2 {Bug [55b95f578a] again - Bignum value for -from/-to with scale crashes it} -setup { + catch {destroy .s} +} -body { + pack [scale .s] + # non-regression test for bug [55b95f578a] - shall just not crash + .s configure -from -6.8e99 -to 8.8e99 +} -cleanup { + destroy .s +} -result {} option clear -- cgit v0.12