/ 
Tk-804.034
/ pod/pTk/GetFont.pod
Security Advisories (6)
CVE-2007-4769 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

CVE-2018-25032 (2022-03-25)

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

CVE-2011-3045 (2012-03-22)

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

CVE-2016-10087 (2017-01-30)

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

CVE-2007-4772 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

CVE-2007-6067 (2008-01-09)

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

NAME

Tk_GetFont, Tk_NameOfFont, Tk_FreeFont - maintain database of fonts

SYNOPSIS

#include <tk.h>

Tk_Font Tk_GetFont(interp, tkwin, string)

char * Tk_NameOfFont(tkfont)

void Tk_FreeFont(tkfont)

ARGUMENTS

"Tcl_Interp" *interp (in)

Interpreter to use for error reporting.

Tk_Window tkwin (in)

Token for window on the display in which font will be used.

"const char" *string (in)

Name or description of desired font. See documentation for the font command for details on acceptable formats.

Tk_Font tkfont (in)

Opaque font token.

DESCRIPTION

Tk_GetFont finds the font indicated by string and returns a token that represents the font. The return value can be used in subsequent calls to procedures such as Tk_FontMetrics, Tk_MeasureChars, and Tk_FreeFont. The token returned by Tk_GetFont will remain valid until Tk_FreeFont is called to release it. String can be either a symbolic name or a font description; see the documentation for the font command for a description of the valid formats. If Tk_GetFont is unsuccessful (because, for example, string was not a valid font specification) then it returns NULL and stores an error message in interp->result.

Tk_GetFont maintains a database of all fonts it has allocated. If the same string is requested multiple times (e.g. by different windows or for different purposes), then additional calls for the same string will be handled without involving the platform-specific graphics server.

The procedure Tk_NameOfFont is roughly the inverse of Tk_GetFont. Given a tkfont that was created by Tk_GetFont, the return value is the string argument that was passed to Tk_GetFont to create the font. The string returned by Tk_NameOfFont is only guaranteed to persist until the tkfont is deleted. The caller must not modify this string.

When a font returned by Tk_GetFont is no longer needed, Tk_FreeFont should be called to release it. There should be exactly one call to Tk_FreeFont for each call to Tk_GetFont. When a font is no longer in use anywhere (i.e. it has been freed as many times as it has been gotten) Tk_FreeFont will release any platform-specific storage and delete it from the database.

KEYWORDS

font