/ 
Tk-804.036
River stage three • 168 direct dependents • 184 total dependents
/ Tk::Derived
Security Advisories (7)
CVE-2007-4769 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

CVE-2018-25032 (2022-03-25)

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

CVE-2011-3045 (2012-03-22)

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

CVE-2016-10087 (2017-01-30)

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

CVE-2007-4772 (2008-01-09)

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

CVE-2007-6067 (2008-01-09)

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

CVE-2017-12652 (2019-07-10)

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

NAME

Tk::Derived - Base class for widgets derived from others

SYNOPSIS

 package Tk::MyNewWidget;

 use Tk::widgets qw/ BaseWidget, list of Tk widgets /;
 use base qw/ Tk::Derived Tk::BaseWidget /;

 Construct Tk::Widget 'MyNewWidget';

 sub ClassInit {
     my( $class, $mw ) = @_;
     #... e.g., class bindings here ...
     $class->SUPER::ClassInit( $mw );
 }

 sub Populate {
     my( $self, $args ) = @_;

     my $flag = delete $args->{-flag};
     if( defined $flag ) {
         # handle -flag => xxx which can only be done at create
         # time the delete above ensures that new() does not try
         # and do  $self->configure( -flag => xxx );
     }

     $self->SUPER::Populate( $args );

     $self = $self->Component( ... );

     $self->Delegates( ... );

     $self->ConfigSpecs(
         '-cursor'    => [ SELF, 'cursor', 'Cursor',   undef ],
         '-something' => [ METHOD, dbName,  dbClass, default ],
         '-text'      => [ $label, dbName,  dbClass, default ],
         '-heading'   => [ {-text => $head},
                             heading, Heading,  'My Heading' ],
    ); 
}

sub something {
    my( $self, $value) = @_;
    if ( @_ > 1 ) {
       # set it
    }
    return # current value
}

DESCRIPTION

Tk::Derived is used with Perl's multiple inheritance to override some methods normally inherited from Tk::Widget.

Tk::Derived should precede any Tk widgets in the class's base class definition.

Tk::Derived's main purpose is to apply wrappers to configure and cget methods of widgets to allow the derived widget to add to or modify behaviour of the configure options supported by the base widget.

The derived class should normally override the Populate method provided by Tk::Derived and call ConfigSpecs to declare configure options.

The public methods provided by Tk::Derived are as follows:

->ConfigSpecs(-key => [kind, name, Class, default], ...)

SEE ALSO

Tk::ConfigSpecs Tk::mega Tk::composite