Mercurial > vim

changeset 15054:2d6e930c7613 v8.1.0538

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 8.1.0538: evaluating a modeline might invoke using a shell command commit https://github.com/vim/vim/commit/5958f95a40a4a44bd9e7f3b7ec6554a6ef3e42ca Author: Bram Moolenaar <Bram@vim.org> Date: Tue Nov 20 04:25:21 2018 +0100 patch 8.1.0538: evaluating a modeline might invoke using a shell command Problem: Evaluating a modeline might invoke using a shell command. (Paul Huber) Solution: Set the sandbox flag when setting options from a modeline.
author Bram Moolenaar <Bram@vim.org>
date Tue, 20 Nov 2018 04:30:07 +0100
parents f15ec8ab8ac7
children bf6188c15027
files src/buffer.c src/version.c
diffstat 2 files changed, 7 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -5522,7 +5522,12 @@ chk_modeline(
 		current_sctx.sc_seq = 0;
 		current_sctx.sc_lnum = 0;
 #endif
+		// Make sure no risky things are executed as a side effect.
+		++sandbox;
+
 		retval = do_set(s, OPT_MODELINE | OPT_LOCAL | flags);
+
+		--sandbox;
 #ifdef FEAT_EVAL
 		current_sctx = save_current_sctx;
 #endif
--- a/src/version.c
+++ b/src/version.c
@@ -793,6 +793,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    538,
+/**/
     537,
 /**/
     536,