Mercurial > vim
diff src/diff.c @ 32218:9c6bc59b6d80 v9.0.1440
patch 9.0.1440: "rvim" can execute a shell through :diffpatch
Commit: https://github.com/vim/vim/commit/23a971da506249fc8388f06cd5c011b83406ac5c
Author: Bram Moolenaar <Bram@vim.org>
Date: Tue Apr 4 22:04:53 2023 +0100
patch 9.0.1440: "rvim" can execute a shell through :diffpatch
Problem: "rvim" can execute a shell through :diffpatch.
Solution: Disallow the shell "patch" command.
author | Bram Moolenaar <Bram@vim.org> |
---|---|
date | Tue, 04 Apr 2023 23:15:06 +0200 |
parents | 97255d909654 |
children | 95db67c7b754 |
line wrap: on
line diff
--- a/src/diff.c +++ b/src/diff.c @@ -1310,6 +1310,9 @@ ex_diffpatch(exarg_T *eap) else #endif { + if (check_restricted()) + goto theend; + // Build the patch command and execute it. Ignore errors. Switch to // cooked mode to allow the user to respond to prompts. vim_snprintf((char *)buf, buflen, "patch -o %s %s < %s", @@ -1380,7 +1383,8 @@ ex_diffpatch(exarg_T *eap) // Do filetype detection with the new name. if (au_has_group((char_u *)"filetypedetect")) - do_cmdline_cmd((char_u *)":doau filetypedetect BufRead"); + do_cmdline_cmd( + (char_u *)":doau filetypedetect BufRead"); } } }