Mercurial > vim
diff src/option.c @ 16728:e55c26aaf484 v8.1.1366
patch 8.1.1366: using expressions in a modeline is unsafe
commit https://github.com/vim/vim/commit/110289e78195b6d01e1e6ad26ad450de476d41c1
Author: Bram Moolenaar <Bram@vim.org>
Date: Thu May 23 15:38:06 2019 +0200
patch 8.1.1366: using expressions in a modeline is unsafe
Problem: Using expressions in a modeline is unsafe.
Solution: Disallow using expressions in a modeline, unless the
'modelineexpr' option is set. Update help, add more tests.
| author | Bram Moolenaar <Bram@vim.org> |
|---|---|
| date | Thu, 23 May 2019 15:45:06 +0200 |
| parents | 77bcb5055fec |
| children | 000350f8e4d1 |
line wrap: on
line diff
--- a/src/option.c +++ b/src/option.c @@ -467,6 +467,7 @@ struct vimoption * there is a redraw flag */ #define P_NDNAME 0x8000000L /* only normal dir name chars allowed */ #define P_RWINONLY 0x10000000L /* only redraw current window */ +#define P_MLE 0x20000000L /* under control of 'modelineexpr' */ #define ISK_LATIN1 (char_u *)"@,48-57,_,192-255" @@ -650,7 +651,7 @@ static struct vimoption options[] = {(char_u *)0L, (char_u *)0L} #endif SCTX_INIT}, - {"balloonexpr", "bexpr", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM, + {"balloonexpr", "bexpr", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM|P_MLE, #if defined(FEAT_BEVAL) && defined(FEAT_EVAL) (char_u *)&p_bexpr, PV_BEXPR, {(char_u *)"", (char_u *)0L} @@ -727,7 +728,7 @@ static struct vimoption options[] = (char_u *)&p_cmp, PV_NONE, {(char_u *)"internal,keepascii", (char_u *)0L} SCTX_INIT}, - {"cdpath", "cd", P_STRING|P_EXPAND|P_VI_DEF|P_COMMA|P_NODUP, + {"cdpath", "cd", P_STRING|P_EXPAND|P_VI_DEF|P_SECURE|P_COMMA|P_NODUP, #ifdef FEAT_SEARCHPATH (char_u *)&p_cdpath, PV_NONE, {(char_u *)",,", (char_u *)0L} @@ -1175,7 +1176,7 @@ static struct vimoption options[] = {(char_u *)NULL, (char_u *)0L} #endif SCTX_INIT}, - {"foldexpr", "fde", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN, + {"foldexpr", "fde", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN|P_MLE, #if defined(FEAT_FOLDING) && defined(FEAT_EVAL) (char_u *)VAR_WIN, PV_FDE, {(char_u *)"0", (char_u *)NULL} @@ -1258,7 +1259,7 @@ static struct vimoption options[] = {(char_u *)NULL, (char_u *)0L} #endif SCTX_INIT}, - {"foldtext", "fdt", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN, + {"foldtext", "fdt", P_STRING|P_ALLOCED|P_VIM|P_VI_DEF|P_RWIN|P_MLE, #if defined(FEAT_FOLDING) && defined(FEAT_EVAL) (char_u *)VAR_WIN, PV_FDT, {(char_u *)"foldtext()", (char_u *)NULL} @@ -1267,7 +1268,7 @@ static struct vimoption options[] = {(char_u *)NULL, (char_u *)0L} #endif SCTX_INIT}, - {"formatexpr", "fex", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM, + {"formatexpr", "fex", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM|P_MLE, #ifdef FEAT_EVAL (char_u *)&p_fex, PV_FEX, {(char_u *)"", (char_u *)0L} @@ -1406,7 +1407,7 @@ static struct vimoption options[] = (char_u *)NULL, PV_NONE, #endif {(char_u *)TRUE, (char_u *)0L} SCTX_INIT}, - {"guitablabel", "gtl", P_STRING|P_VI_DEF|P_RWIN, + {"guitablabel", "gtl", P_STRING|P_VI_DEF|P_RWIN|P_MLE, #if defined(FEAT_GUI_TABLINE) (char_u *)&p_gtl, PV_NONE, {(char_u *)"", (char_u *)0L} @@ -1477,7 +1478,7 @@ static struct vimoption options[] = (char_u *)NULL, PV_NONE, #endif {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, - {"iconstring", NULL, P_STRING|P_VI_DEF, + {"iconstring", NULL, P_STRING|P_VI_DEF|P_MLE, #ifdef FEAT_TITLE (char_u *)&p_iconstring, PV_NONE, #else @@ -1549,7 +1550,7 @@ static struct vimoption options[] = {(char_u *)0L, (char_u *)0L} #endif SCTX_INIT}, - {"includeexpr", "inex", P_STRING|P_ALLOCED|P_VI_DEF, + {"includeexpr", "inex", P_STRING|P_ALLOCED|P_VI_DEF|P_MLE, #if defined(FEAT_FIND_ID) && defined(FEAT_EVAL) (char_u *)&p_inex, PV_INEX, {(char_u *)"", (char_u *)0L} @@ -1561,7 +1562,7 @@ static struct vimoption options[] = {"incsearch", "is", P_BOOL|P_VI_DEF|P_VIM, (char_u *)&p_is, PV_NONE, {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, - {"indentexpr", "inde", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM, + {"indentexpr", "inde", P_STRING|P_ALLOCED|P_VI_DEF|P_VIM|P_MLE, #if defined(FEAT_CINDENT) && defined(FEAT_EVAL) (char_u *)&p_inde, PV_INDE, {(char_u *)"", (char_u *)0L} @@ -1888,6 +1889,9 @@ static struct vimoption options[] = {"modeline", "ml", P_BOOL|P_VIM, (char_u *)&p_ml, PV_ML, {(char_u *)FALSE, (char_u *)TRUE} SCTX_INIT}, + {"modelineexpr", "mle", P_BOOL|P_VI_DEF, + (char_u *)&p_mle, PV_NONE, + {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, {"modelines", "mls", P_NUM|P_VI_DEF, (char_u *)&p_mls, PV_NONE, {(char_u *)5L, (char_u *)0L} SCTX_INIT}, @@ -2311,7 +2315,7 @@ static struct vimoption options[] = (char_u *)NULL, PV_NONE, #endif {(char_u *)FALSE, (char_u *)0L} SCTX_INIT}, - {"rulerformat", "ruf", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT, + {"rulerformat", "ruf", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT|P_MLE, #ifdef FEAT_STL_OPT (char_u *)&p_ruf, PV_NONE, #else @@ -2577,7 +2581,7 @@ static struct vimoption options[] = {"startofline", "sol", P_BOOL|P_VI_DEF|P_VIM, (char_u *)&p_sol, PV_NONE, {(char_u *)TRUE, (char_u *)0L} SCTX_INIT}, - {"statusline" ,"stl", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT, + {"statusline" ,"stl", P_STRING|P_VI_DEF|P_ALLOCED|P_RSTAT|P_MLE, #ifdef FEAT_STL_OPT (char_u *)&p_stl, PV_STL, #else @@ -2624,7 +2628,7 @@ static struct vimoption options[] = {(char_u *)0L, (char_u *)0L} #endif SCTX_INIT}, - {"tabline", "tal", P_STRING|P_VI_DEF|P_RALL, + {"tabline", "tal", P_STRING|P_VI_DEF|P_RALL|P_MLE, #ifdef FEAT_STL_OPT (char_u *)&p_tal, PV_NONE, #else @@ -2802,7 +2806,7 @@ static struct vimoption options[] = {(char_u *)0L, (char_u *)0L} #endif SCTX_INIT}, - {"titlestring", NULL, P_STRING|P_VI_DEF, + {"titlestring", NULL, P_STRING|P_VI_DEF|P_MLE, #ifdef FEAT_TITLE (char_u *)&p_titlestring, PV_NONE, #else @@ -4549,6 +4553,11 @@ do_set( errmsg = _("E520: Not allowed in a modeline"); goto skip; } + if ((flags & P_MLE) && !p_mle) + { + errmsg = _("E992: Not allowed in a modeline when 'modelineexpr' is off"); + goto skip; + } #ifdef FEAT_DIFF /* In diff mode some options are overruled. This avoids that * 'foldmethod' becomes "marker" instead of "diff" and that