/ 
Tk-804.025_beta6
/ Tk::Menu::Item
Security Advisories (6)
CVE-2006-4484 (2008-10-01)

Buffer overflow in the LWZReadByte_ function in the GD extension in allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

CVE-2007-4769 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

CVE-2003-0107 (2003-03-07)

Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.

CVE-2007-4772 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

CVE-2007-6067 (2008-01-09)

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

CVE-2017-12652 (2019-07-10)

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

NAME

Tk::Menu::Item - Base class for Menu items

SYNOPSIS

require Tk::Menu::Item;

my $but = $menu->Button(...);
$but->configure(...);
my $what = $but->cget();

package Whatever;
require Tk::Menu::Item;
@ISA = qw(Tk::Menu::Item);

sub PreInit
{
 my ($class,$menu,$info) = @_;
 $info->{'-xxxxx'} = ...
 my $y = delete $info->{'-yyyy'};
}

DESCRIPTION

Tk::Menu::Item is the base class from which Tk::Menu::Button, Tk::Menu::Cascade, Tk::Menu::Radiobutton and Tk::Menu::Checkbutton are derived. There is also a Tk::Menu::Separator.

Constructors are declared so that $menu->Button(...) etc. do what you would expect.

The -label option is pre-processed allowing ~ to be prefixed to the character to derive a -underline value. Thus

$menu->Button(-label => 'Goto ~Home',...)

is equivalent to

$menu->Button(-label => 'Goto Home', -underline => 6, ...)

The Cascade menu item creates a sub-menu and accepts these options:

-menuitems

A list of items for the sub-menu. Within this list (which is also accepted by Menu and Menubutton) the first two elements of each item should be the "constructor" name and the label:

-menuitems => [
               [Button      => '~Quit', -command => [destroy => $mw]],
               [Checkbutton => '~Oil',  -variable => \$oil],
              ]
-postcommand

A callback to be invoked before posting the menu.

-tearoff

Specifies whether sub-menu can be torn-off or not.

-menuvar

Scalar reference that will be set to the newly-created sub-menu.

The returned object is currently a blessed reference to an array of two items: the containing Menu and the 'label'. Methods configure and cget are mapped onto underlying entryconfigure and entrycget.

The main purpose of the OO interface is to allow derived item classes to be defined which pre-set the options used to create a more basic item.

BUGS

This OO interface is very new. Using the label as the "key" is a problem for separaror items which don't have one. The alternative would be to use an index into the menu but that is a problem if items are deleted (or inserted other than at the end).

There should probably be a PostInit entry point too, or a more widget like defered 'configure'.