vim: src/proto/popupwin.pro annotate

annotate src/proto/popupwin.pro @ 33664:06b59278bfcf v9.0.2070

patch 9.0.2070: [security] disallow setting env in restricted mode Commit: https://github.com/vim/vim/commit/6b89dd6a7257a1e2e9c7ea070b407bc4674a5118 Author: Christian Brabandt <cb@256bit.org> Date: Thu Oct 26 22:14:17 2023 +0200 patch 9.0.2070: [security] disallow setting env in restricted mode Problem: [security] disallow setting env in restricted mode Solution: Setting environment variables in restricted mode could potentially be used to execute shell commands. Disallow this. restricted mode: disable allow setting of environment variables Setting environment variables in restricted mode, may have some unwanted consequences. So, for example by setting $GCONV_PATH in restricted mode and then calling the iconv() function, one may be able to execute some unwanted payload, because the `iconv_open()` function internally uses the `$GCONV_PATH` variable to find its conversion data. So let's disable setting environment variables, even so this is no complete protection, since we are not clearing the existing environment. I tried a few ways but wasn't successful :( One could also argue to disable the iconv() function completely in restricted mode, but who knows what other API functions can be influenced by setting some other unrelated environment variables. So let's leave it as it is currently. closes: #13394 See: https://huntr.com/bounties/b0a2eda1-459c-4e36-98e6-0cc7d7faccfe/ Signed-off-by: Christian Brabandt <cb@256bit.org>

author	Christian Brabandt <cb@256bit.org>
date	Thu, 26 Oct 2023 22:30:03 +0200
parents	d914a3812d5b
children	5301104f466a

rev	line source
16778 eda4d65f232c patch 8.1.1391: no popup window support Bram Moolenaar <Bram@vim.org> parents: diff changeset	1 /* popupwin.c */
17051 221d4b82bc0b patch 8.1.1525: cannot move a popup window with the mouse Bram Moolenaar <Bram@vim.org> parents: 17045 diff changeset	2 int popup_on_border(win_T *wp, int row, int col);
17847 bdddd215bf09 patch 8.1.1920: cannot always close a popup when filter consumes all events Bram Moolenaar <Bram@vim.org> parents: 17817 diff changeset	3 int popup_close_if_on_X(win_T *wp, int row, int col);
17582 6fea25072c35 patch 8.1.1788: missing changes in proto file Bram Moolenaar <Bram@vim.org> parents: 17578 diff changeset	4 void popup_start_drag(win_T *wp, int row, int col);
17051 221d4b82bc0b patch 8.1.1525: cannot move a popup window with the mouse Bram Moolenaar <Bram@vim.org> parents: 17045 diff changeset	5 void popup_drag(win_T *wp);
17216 11f3cf51d43b patch 8.1.1608: the evalfunc.c file is too big Bram Moolenaar <Bram@vim.org> parents: 17151 diff changeset	6 void popup_set_firstline(win_T *wp);
17578 696030820746 patch 8.1.1786: double click in popup scrollbar starts selection Bram Moolenaar <Bram@vim.org> parents: 17551 diff changeset	7 int popup_is_in_scrollbar(win_T *wp, int row, int col);
17216 11f3cf51d43b patch 8.1.1608: the evalfunc.c file is too big Bram Moolenaar <Bram@vim.org> parents: 17151 diff changeset	8 void popup_handle_scrollbar_click(win_T *wp, int row, int col);
17811 b5499bf22a97 patch 8.1.1902: cannot have an info popup without a border Bram Moolenaar <Bram@vim.org> parents: 17789 diff changeset	9 int popup_top_extra(win_T *wp);
18637 0c005ff84a45 patch 8.1.2311: warning for missing function prototype Bram Moolenaar <Bram@vim.org> parents: 18613 diff changeset	10 int popup_left_extra(win_T *wp);
17041 5ed4965ebc7b patch 8.1.1520: popup windows are ignored when dealing with mouse position Bram Moolenaar <Bram@vim.org> parents: 17026 diff changeset	11 int popup_height(win_T *wp);
5ed4965ebc7b patch 8.1.1520: popup windows are ignored when dealing with mouse position Bram Moolenaar <Bram@vim.org> parents: 17026 diff changeset	12 int popup_width(win_T *wp);
17767 c75da1064e33 patch 8.1.1880: cannot show extra info for completion in a popup window Bram Moolenaar <Bram@vim.org> parents: 17604 diff changeset	13 int popup_extra_width(win_T *wp);
17431 ce35cdbe9f74 patch 8.1.1714: cannot preview a file in a popup window Bram Moolenaar <Bram@vim.org> parents: 17348 diff changeset	14 int parse_previewpopup(win_T *wp);
17771 4bd21046902b patch 8.1.1882: cannot specify properties of the info popup window Bram Moolenaar <Bram@vim.org> parents: 17767 diff changeset	15 int parse_completepopup(win_T *wp);
18558 e5ef5d820b5b patch 8.1.2273: wrong default when "pos" is changed with popup_atcursor() Bram Moolenaar <Bram@vim.org> parents: 18396 diff changeset	16 void popup_set_wantpos_cursor(win_T wp, int width, dict_T d);
17767 c75da1064e33 patch 8.1.1880: cannot show extra info for completion in a popup window Bram Moolenaar <Bram@vim.org> parents: 17604 diff changeset	17 void popup_set_wantpos_rowcol(win_T *wp, int row, int col);
29958 549994614a5a patch 9.0.0317: when updating the whole screen a popup may not be redrawn Bram Moolenaar <Bram@vim.org> parents: 29912 diff changeset	18 void popup_redraw_all(void);
17026 905e1b154058 patch 8.1.1513: all popup functionality is in functions, except :popupclear Bram Moolenaar <Bram@vim.org> parents: 16904 diff changeset	19 void f_popup_clear(typval_T argvars, typval_T rettv);
16855 19162ff4eacd patch 8.1.1429: "pos" option of popup window not supported yet Bram Moolenaar <Bram@vim.org> parents: 16853 diff changeset	20 void f_popup_create(typval_T argvars, typval_T rettv);
19162ff4eacd patch 8.1.1429: "pos" option of popup window not supported yet Bram Moolenaar <Bram@vim.org> parents: 16853 diff changeset	21 void f_popup_atcursor(typval_T argvars, typval_T rettv);
17292 8a095d343c59 patch 8.1.1645: cannot use a popup window for a balloon Bram Moolenaar <Bram@vim.org> parents: 17219 diff changeset	22 void f_popup_beval(typval_T argvars, typval_T rettv);
19265 ce8c47ed54e5 patch 8.2.0191: cannot put a terminal in a popup window Bram Moolenaar <Bram@vim.org> parents: 18840 diff changeset	23 void popup_close_with_retval(win_T *wp, int retval);
17219 5169811b3044 patch 8.1.1609: the user cannot easily close a popup window Bram Moolenaar <Bram@vim.org> parents: 17216 diff changeset	24 void popup_close_for_mouse_click(win_T *wp);
17292 8a095d343c59 patch 8.1.1645: cannot use a popup window for a balloon Bram Moolenaar <Bram@vim.org> parents: 17219 diff changeset	25 void popup_handle_mouse_moved(void);
17117 7ef5283ace3c patch 8.1.1558: popup_menu() and popup_filter_menu() are not implemented yet Bram Moolenaar <Bram@vim.org> parents: 17111 diff changeset	26 void f_popup_filter_menu(typval_T argvars, typval_T rettv);
17097 94007c802045 patch 8.1.1548: popup_dialog() is not implemented Bram Moolenaar <Bram@vim.org> parents: 17057 diff changeset	27 void f_popup_filter_yesno(typval_T argvars, typval_T rettv);
94007c802045 patch 8.1.1548: popup_dialog() is not implemented Bram Moolenaar <Bram@vim.org> parents: 17057 diff changeset	28 void f_popup_dialog(typval_T argvars, typval_T rettv);
17117 7ef5283ace3c patch 8.1.1558: popup_menu() and popup_filter_menu() are not implemented yet Bram Moolenaar <Bram@vim.org> parents: 17111 diff changeset	29 void f_popup_menu(typval_T argvars, typval_T rettv);
17045 7fe328ad5573 patch 8.1.1522: poup_notification() not implemented yet Bram Moolenaar <Bram@vim.org> parents: 17041 diff changeset	30 void f_popup_notification(typval_T argvars, typval_T rettv);
16855 19162ff4eacd patch 8.1.1429: "pos" option of popup window not supported yet Bram Moolenaar <Bram@vim.org> parents: 16853 diff changeset	31 void f_popup_close(typval_T argvars, typval_T rettv);
18396 ba5d8c5d77d7 patch 8.1.2192: cannot easily fill the info popup asynchronously Bram Moolenaar <Bram@vim.org> parents: 17863 diff changeset	32 void popup_hide(win_T *wp);
16855 19162ff4eacd patch 8.1.1429: "pos" option of popup window not supported yet Bram Moolenaar <Bram@vim.org> parents: 16853 diff changeset	33 void f_popup_hide(typval_T argvars, typval_T rettv);
17817 e8a7029efa40 patch 8.1.1905: cannot set all properties of the info popup Bram Moolenaar <Bram@vim.org> parents: 17811 diff changeset	34 void popup_show(win_T *wp);
16855 19162ff4eacd patch 8.1.1429: "pos" option of popup window not supported yet Bram Moolenaar <Bram@vim.org> parents: 16853 diff changeset	35 void f_popup_show(typval_T argvars, typval_T rettv);
17107 0001d10a7661 patch 8.1.1553: not easy to change the text in a popup window Bram Moolenaar <Bram@vim.org> parents: 17097 diff changeset	36 void f_popup_settext(typval_T argvars, typval_T rettv);
19816 f37028184d6a patch 8.2.0464: typos and other small problems Bram Moolenaar <Bram@vim.org> parents: 19271 diff changeset	37 int error_if_popup_window(int also_with_term);
20384 42ab4d40e78f patch 8.2.0747: cannot forcefully close all popups Bram Moolenaar <Bram@vim.org> parents: 20382 diff changeset	38 int popup_close(int id, int force);
42ab4d40e78f patch 8.2.0747: cannot forcefully close all popups Bram Moolenaar <Bram@vim.org> parents: 20382 diff changeset	39 int popup_close_tabpage(tabpage_T *tp, int id, int force);
42ab4d40e78f patch 8.2.0747: cannot forcefully close all popups Bram Moolenaar <Bram@vim.org> parents: 20382 diff changeset	40 void close_all_popups(int force);
16855 19162ff4eacd patch 8.1.1429: "pos" option of popup window not supported yet Bram Moolenaar <Bram@vim.org> parents: 16853 diff changeset	41 void f_popup_move(typval_T argvars, typval_T rettv);
17123 efc6f5e3b543 patch 8.1.1561: popup_setoptions() is not implemented yet Bram Moolenaar <Bram@vim.org> parents: 17117 diff changeset	42 void f_popup_setoptions(typval_T argvars, typval_T rettv);
16855 19162ff4eacd patch 8.1.1429: "pos" option of popup window not supported yet Bram Moolenaar <Bram@vim.org> parents: 16853 diff changeset	43 void f_popup_getpos(typval_T argvars, typval_T rettv);
20386 3b3589275ab9 patch 8.2.0748: cannot get a list of all popups Bram Moolenaar <Bram@vim.org> parents: 20384 diff changeset	44 void f_popup_list(typval_T argvars, typval_T rettv);
17348 d82b0cfb1e82 patch 8.1.1673: cannot easily find the popup window at a certain position Bram Moolenaar <Bram@vim.org> parents: 17292 diff changeset	45 void f_popup_locate(typval_T argvars, typval_T rettv);
16853 e6bcccccbf7b patch 8.1.1428: popup_atcursor() not implemented yet Bram Moolenaar <Bram@vim.org> parents: 16841 diff changeset	46 void f_popup_getoptions(typval_T argvars, typval_T rettv);
19265 ce8c47ed54e5 patch 8.2.0191: cannot put a terminal in a popup window Bram Moolenaar <Bram@vim.org> parents: 18840 diff changeset	47 int error_if_term_popup_window(void);
18613 fa995154904e patch 8.1.2300: redraw breaks going through list of popup windows Bram Moolenaar <Bram@vim.org> parents: 18558 diff changeset	48 void popup_reset_handled(int handled_flag);
fa995154904e patch 8.1.2300: redraw breaks going through list of popup windows Bram Moolenaar <Bram@vim.org> parents: 18558 diff changeset	49 win_T *find_next_popup(int lowest, int handled_flag);
16880 998603a243d7 patch 8.1.1441: popup window filter not yet implemented Bram Moolenaar <Bram@vim.org> parents: 16874 diff changeset	50 int popup_do_filter(int c);
17604 506dd2efcbb2 patch 8.1.1799: cannot avoid mapping for a popup window Bram Moolenaar <Bram@vim.org> parents: 17584 diff changeset	51 int popup_no_mapping(void);
16904 9138e2c60bf1 patch 8.1.1453: popup window "moved" property not implemented yet Bram Moolenaar <Bram@vim.org> parents: 16880 diff changeset	52 void popup_check_cursor_pos(void);
17055 f4de7ccdfd8c patch 8.1.1527: when moving popup window over the cmdline it is not redrawn Bram Moolenaar <Bram@vim.org> parents: 17051 diff changeset	53 void may_update_popup_mask(int type);
22403 3351d2cd3f1f patch 8.2.1750: popup_setoptions() setting firstline fails if cursorline set Bram Moolenaar <Bram@vim.org> parents: 21373 diff changeset	54 void may_update_popup_position(void);
17055 f4de7ccdfd8c patch 8.1.1527: when moving popup window over the cmdline it is not redrawn Bram Moolenaar <Bram@vim.org> parents: 17051 diff changeset	55 void update_popups(void (win_update)(win_T wp));
17151 ebe9aab81898 patch 8.1.1575: callbacks may be garbage collected Bram Moolenaar <Bram@vim.org> parents: 17123 diff changeset	56 int set_ref_in_popups(int copyID);
18840 05b240971884 patch 8.1.2407: proto files, dependencies and build instructions outdated Bram Moolenaar <Bram@vim.org> parents: 18637 diff changeset	57 int popup_is_popup(win_T *wp);
17431 ce35cdbe9f74 patch 8.1.1714: cannot preview a file in a popup window Bram Moolenaar <Bram@vim.org> parents: 17348 diff changeset	58 win_T *popup_find_preview_window(void);
17767 c75da1064e33 patch 8.1.1880: cannot show extra info for completion in a popup window Bram Moolenaar <Bram@vim.org> parents: 17604 diff changeset	59 win_T *popup_find_info_window(void);
30697 d914a3812d5b patch 9.0.0683: cannot specify a time for :echowindow Bram Moolenaar <Bram@vim.org> parents: 30025 diff changeset	60 void f_popup_findecho(typval_T argvars, typval_T rettv);
17817 e8a7029efa40 patch 8.1.1905: cannot set all properties of the info popup Bram Moolenaar <Bram@vim.org> parents: 17811 diff changeset	61 void f_popup_findinfo(typval_T argvars, typval_T rettv);
e8a7029efa40 patch 8.1.1905: cannot set all properties of the info popup Bram Moolenaar <Bram@vim.org> parents: 17811 diff changeset	62 void f_popup_findpreview(typval_T argvars, typval_T rettv);
17767 c75da1064e33 patch 8.1.1880: cannot show extra info for completion in a popup window Bram Moolenaar <Bram@vim.org> parents: 17604 diff changeset	63 int popup_create_preview_window(int info);
17817 e8a7029efa40 patch 8.1.1905: cannot set all properties of the info popup Bram Moolenaar <Bram@vim.org> parents: 17811 diff changeset	64 void popup_close_preview(void);
e8a7029efa40 patch 8.1.1905: cannot set all properties of the info popup Bram Moolenaar <Bram@vim.org> parents: 17811 diff changeset	65 void popup_hide_info(void);
21373 3d73cdd173ab patch 8.2.1237: changing 'completepopup' after opening popup has no effect Bram Moolenaar <Bram@vim.org> parents: 20386 diff changeset	66 void popup_close_info(void);
29900 a6721cafbc74 patch 9.0.0288: when 'cmdheight' is zero some messages are not displayed Bram Moolenaar <Bram@vim.org> parents: 22403 diff changeset	67 win_T *popup_get_message_win(void);
a6721cafbc74 patch 9.0.0288: when 'cmdheight' is zero some messages are not displayed Bram Moolenaar <Bram@vim.org> parents: 22403 diff changeset	68 void popup_show_message_win(void);
a6721cafbc74 patch 9.0.0288: when 'cmdheight' is zero some messages are not displayed Bram Moolenaar <Bram@vim.org> parents: 22403 diff changeset	69 int popup_message_win_visible(void);
a6721cafbc74 patch 9.0.0288: when 'cmdheight' is zero some messages are not displayed Bram Moolenaar <Bram@vim.org> parents: 22403 diff changeset	70 void popup_hide_message_win(void);
30697 d914a3812d5b patch 9.0.0683: cannot specify a time for :echowindow Bram Moolenaar <Bram@vim.org> parents: 30025 diff changeset	71 void start_echowindow(int time_sec);
30025 d269dd3cd31d patch 9.0.0350: :echowindow does not work in a compiled function Bram Moolenaar <Bram@vim.org> parents: 30005 diff changeset	72 void end_echowindow(void);
17863 08f1dd29550e patch 8.1.1928: popup windows don't move with the text when making changes Bram Moolenaar <Bram@vim.org> parents: 17847 diff changeset	73 int popup_win_closed(win_T *win);
17584 65a8099fc0e8 patch 8.1.1789: cannot see file name of preview popup window Bram Moolenaar <Bram@vim.org> parents: 17582 diff changeset	74 void popup_set_title(win_T *wp);
65a8099fc0e8 patch 8.1.1789: cannot see file name of preview popup window Bram Moolenaar <Bram@vim.org> parents: 17582 diff changeset	75 void popup_update_preview_title(void);
16778 eda4d65f232c patch 8.1.1391: no popup window support Bram Moolenaar <Bram@vim.org> parents: diff changeset	76 /* vim: set ft=c : */

Mercurial > vim

annotate src/proto/popupwin.pro @ 33664:06b59278bfcf v9.0.2070