diff options
| author | Steve Bennett <steveb@workware.net.au> | 2010-01-24 12:55:05 +1000 |
|---|---|---|
| committer | Steve Bennett <steveb@workware.net.au> | 2010-10-15 11:02:45 +1000 |
| commit | 9373863b490be45da1b823949ebd76425057dd3e (patch) | |
| tree | 2a3f338cde7f1c3c0e809ca63eae10f61d6153ec | |
| parent | 9c0de20e4bc701bb92a2512a6db6f9e41b6d045e (diff) | |
| download | jimtcl-9373863b490be45da1b823949ebd76425057dd3e.zip jimtcl-9373863b490be45da1b823949ebd76425057dd3e.tar.gz jimtcl-9373863b490be45da1b823949ebd76425057dd3e.tar.bz2 | |
Fix null pointer dereference
If the condition expression of a for statement is invalid
| -rw-r--r-- | jim.c | 2 | ||||
| -rw-r--r-- | tests/misc.test | 10 |
2 files changed, 11 insertions, 1 deletions
@@ -10062,7 +10062,7 @@ static int Jim_ForCoreCommand(Jim_Interp *interp, int argc, /* Ensure proper lengths to start */ if (initScript->len != 6) goto evalstart; if (incrScript->len != 4) goto evalstart; - if (expr->len != 3) goto evalstart; + if (!expr || expr->len != 3) goto evalstart; /* Ensure proper token types. */ if (initScript->token[2].type != JIM_TT_ESC || initScript->token[4].type != JIM_TT_ESC || diff --git a/tests/misc.test b/tests/misc.test index 3fffbf3..804e456 100644 --- a/tests/misc.test +++ b/tests/misc.test @@ -19,6 +19,16 @@ test regr-1.2 "Reference count shared literals" { return 1 } {1} +test regr-1.3 "Invalid for expression" { + # Crashes with invalid expression + catch { + for {set i 0} {$i < n} {incr i} { + set a(b) $i + set a(c) $i + } + } +} 1 + section "I/O Testing" test io-1.1 "Read last line with no newline" { |