/ 
Tk804.025_beta2
/ pod/pTk/GetFont.pod
Security Advisories (6)
CVE-2006-4484 (2008-10-01)

Buffer overflow in the LWZReadByte_ function in the GD extension in allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

CVE-2007-4769 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

CVE-2003-0107 (2003-03-07)

Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.

CVE-2007-4772 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

CVE-2007-6067 (2008-01-09)

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

CVE-2017-12652 (2019-07-10)

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

NAME

Tk_GetFont, Tk_NameOfFont, Tk_FreeFont - maintain database of fonts

SYNOPSIS

#include <tk.h>

Tk_Font Tk_GetFont(interp, tkwin, string)

char * Tk_NameOfFont(tkfont)

void Tk_FreeFont(tkfont)

ARGUMENTS

"Tcl_Interp" *interp (in)

Interpreter to use for error reporting.

Tk_Window tkwin (in)

Token for window on the display in which font will be used.

"const char" *string (in)

Name or description of desired font. See documentation for the font command for details on acceptable formats.

Tk_Font tkfont (in)

Opaque font token.

DESCRIPTION

Tk_GetFont finds the font indicated by string and returns a token that represents the font. The return value can be used in subsequent calls to procedures such as Tk_FontMetrics, Tk_MeasureChars, and Tk_FreeFont. The token returned by Tk_GetFont will remain valid until Tk_FreeFont is called to release it. String can be either a symbolic name or a font description; see the documentation for the font command for a description of the valid formats. If Tk_GetFont is unsuccessful (because, for example, string was not a valid font specification) then it returns NULL and stores an error message in interp->result.

Tk_GetFont maintains a database of all fonts it has allocated. If the same string is requested multiple times (e.g. by different windows or for different purposes), then additional calls for the same string will be handled without involving the platform-specific graphics server.

The procedure Tk_NameOfFont is roughly the inverse of Tk_GetFont. Given a tkfont that was created by Tk_GetFont, the return value is the string argument that was passed to Tk_GetFont to create the font. The string returned by Tk_NameOfFont is only guaranteed to persist until the tkfont is deleted. The caller must not modify this string.

When a font returned by Tk_GetFont is no longer needed, Tk_FreeFont should be called to release it. There should be exactly one call to Tk_FreeFont for each call to Tk_GetFont. When a font is no longer in use anywhere (i.e. it has been freed as many times as it has been gotten) Tk_FreeFont will release any platform-specific storage and delete it from the database.

KEYWORDS

font