Mercurial > vim

diff src/buffer.c @ 15054:2d6e930c7613 v8.1.0538

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 8.1.0538: evaluating a modeline might invoke using a shell command commit https://github.com/vim/vim/commit/5958f95a40a4a44bd9e7f3b7ec6554a6ef3e42ca Author: Bram Moolenaar <Bram@vim.org> Date: Tue Nov 20 04:25:21 2018 +0100 patch 8.1.0538: evaluating a modeline might invoke using a shell command Problem: Evaluating a modeline might invoke using a shell command. (Paul Huber) Solution: Set the sandbox flag when setting options from a modeline.
author Bram Moolenaar <Bram@vim.org>
date Tue, 20 Nov 2018 04:30:07 +0100
parents 67e3103d6e18
children a751ecdd07cc
line wrap: on
line diff
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -5522,7 +5522,12 @@ chk_modeline(
 		current_sctx.sc_seq = 0;
 		current_sctx.sc_lnum = 0;
 #endif
+		// Make sure no risky things are executed as a side effect.
+		++sandbox;
+
 		retval = do_set(s, OPT_MODELINE | OPT_LOCAL | flags);
+
+		--sandbox;
 #ifdef FEAT_EVAL
 		current_sctx = save_current_sctx;
 #endif