/ 
Tk804.025_beta1
/ Tk_EventInit
Security Advisories (5)
CVE-2006-4484 (2008-10-01)

Buffer overflow in the LWZReadByte_ function in the GD extension in allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

CVE-2007-4769 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

CVE-2003-0107 (2003-03-07)

Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.

CVE-2007-4772 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

CVE-2007-6067 (2008-01-09)

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

NAME

Tk_EventInit - Use the Tk event loop without the rest of Tk

SYNOPSIS

#include <tk.h>

int Tk_EventInit(interp)

ARGUMENTS

Tcl_Interp *interp (in)

Interpreter in which event-related Tk commands are to be created.

DESCRIPTION

This procedure may be invoked to use the Tk event management functions without the rest of Tk (e.g., in applications that do not have access to a display). Tk_EventInit creates the after and fileevent commands in interp. It also creates versions of the tkwait and update commands with reduced functionality: the tkwait command supports only the variable option, not visibility or $widget, and update does not check for X events. Tk_EventInit always returns TCL_OK to signal that it completed successfully.

The event-management procedures in Tk are divided into two groups, those that can be used stand-alone and those that require the full Tk library to be present. The following procedures may be used stand-alone: Tk_CreateFileHandler, Tk_CreateFileHandler2, Tk_DeleteFileHandler, Tk_CreateTimerHandler, Tk_DeleteTimerHandler, Tk_DoWhenIdle, Tk_CancelIdleCall, Tk_DoOneEvent, Tk_Sleep, and Tk_BackgroundError. Note that Tk_MainLoop cannot be used without the full Tk library, since it checks to see if windows are still open. If an application uses the event procedures stand-alone, it must include its own main loop that invokes Tk_DoOneEvent repeatedly.

Tk_EventInit is typically called from an application's Tcl_AppInit procedure; it should not be invoked in applications that use the full Tk library (e.g., those that have already invoked Tk_CreateMainWindow). However, it is OK for an application to start up using Tk_EventInit, compute without X for a while, and later invoke Tk_CreateMainWindow. When Tk_CreateMainWindow is invoked, the full suite of windowing Tcl commands will become available, and the full-blown versions of tkwait and update will replace the abridged versions created with Tk_EventInit.

KEYWORDS

event management, Tcl_AppInit