/ 
Tk-804.031
/ pod/pTk/TimerHndlr.pod
Security Advisories (6)
CVE-2007-4769 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

CVE-2018-25032 (2022-03-25)

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

CVE-2011-3045 (2012-03-22)

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

CVE-2016-10087 (2017-01-30)

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

CVE-2007-4772 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

CVE-2007-6067 (2008-01-09)

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

NAME

Tk_CreateTimerHandler, Tk_DeleteTimerHandler - call a procedure at a given time

SYNOPSIS

#include <tk.h>

Tk_TimerToken Tk_CreateTimerHandler(milliseconds, proc, clientData)

Tk_DeleteTimerHandler(token)

ARGUMENTS

int milliseconds (in)

How many milliseconds to wait before invoking proc.

Tk_TimerProc *proc (in)

Procedure to invoke after milliseconds have elapsed.

ClientData clientData (in)

Arbitrary one-word value to pass to proc.

Tk_TimerToken token (in)

Token for previously-created timer handler (the return value from some previous call to Tk_CreateTimerHandler).

DESCRIPTION

Tk_CreateTimerHandler arranges for proc to be invoked at a time milliseconds milliseconds in the future. The callback to proc will be made by Tk_DoOneEvent, so Tk_CreateTimerHandler is only useful in programs that dispatch events through Tk_DoOneEvent or through other Tk procedures that call Tk_DoOneEvent, such as Tk_MainLoop. The call to proc may not be made at the exact time given by milliseconds: it will be made at the next opportunity after that time. For example, if Tk_DoOneEvent isn't called until long after the time has elapsed, or if there are other pending events to process before the call to proc, then the call to proc will be delayed.

Proc should have arguments and return value that match the type Tk_TimerProc:

typedef void Tk_TimerProc(ClientData clientData);

The clientData parameter to proc is a copy of the clientData argument given to Tcl_CreateTimerHandler when the callback was created. Typically, clientData points to a data structure containing application-specific information about what to do in proc.

Tk_DeleteTimerHandler may be called to delete a previously-created timer handler. It deletes the handler indicated by token so that no call to proc will be made; if that handler no longer exists (e.g. because the time period has already elapsed and proc has been invoked) then Tk_DeleteTimerHandler does nothing.

KEYWORDS

callback, clock, handler, timer