view runtime/indent/README.txt @ 33664:06b59278bfcf v9.0.2070

patch 9.0.2070: [security] disallow setting env in restricted mode

Commit: https://github.com/vim/vim/commit/6b89dd6a7257a1e2e9c7ea070b407bc4674a5118
Author: Christian Brabandt <cb@256bit.org>
Date: Thu Oct 26 22:14:17 2023 +0200

patch 9.0.2070: [security] disallow setting env in restricted mode

Problem: [security] disallow setting env in restricted mode
Solution: Setting environment variables in restricted mode could potentially be used to execute shell commands. Disallow this.

restricted mode: disable allow setting of environment variables

Setting environment variables in restricted mode may have some unwanted consequences. So, for example by setting $GCONV_PATH in restricted mode and then calling the iconv() function, one may be able to execute some unwanted payload, because the `iconv_open()` function internally uses the `$GCONV_PATH` variable to find its conversion data.

So let's disable setting environment variables, even though this is no complete protection, since we are not clearing the existing environment. I tried a few ways but wasn't successful :(

One could also argue to disable the iconv() function completely in restricted mode, but who knows what other API functions can be influenced by setting some other unrelated environment variables. So let's leave it as it is currently.

closes: #13394

See: https://huntr.com/bounties/b0a2eda1-459c-4e36-98e6-0cc7d7faccfe/

Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Thu, 26 Oct 2023 22:30:03 +0200
parents 1b862a461d93

This directory contains files to automatically compute the indent for a
type of file.

If you want to add your own indent file for your personal use, read the docs
at ":help indent-expression".  Looking at the existing files should give you
inspiration.

If you make a new indent file which would be useful for others, please send it
to the vim-dev mailing list <vim-dev@vim.org>.  Include instructions for
detecting the file type for this language, by file name extension or by
checking a few lines in the file. And please stick to the rules below.

If you have remarks about an existing file, send them to the maintainer of
that file.  Only when you get no response send a message to the vim-dev
mailing list: <vim-dev@vim.org>.

If you are the maintainer of an indent file and make improvements, e-mail the
new version to the vim-dev mailing list: <vim-dev@vim.org>.


Rules for making an indent file:

You should use this check for "b:did_indent":

	" Only load this indent file when no other was loaded yet.
	if exists("b:did_indent")
	  finish
	endif
	let b:did_indent = 1

Always use ":setlocal" to set 'indentexpr'.  This avoids it being carried over
to other buffers.

To trigger the indenting after typing a word like "endif", add the word to the
'indentkeys' option with "+=".

You normally set 'indentexpr' to evaluate a function and then define that
function.  That function only needs to be defined once for as long as Vim is
running.  Add a test if the function exists and use ":finish", like this:

	if exists("*GetMyIndent")
	  finish
	endif

The user may have several options set differently from you; try to write the
file such that it works with any option settings.  Also be aware that certain
features may not be compiled in.

To test the indent file, see testdir/README.txt.
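
The rules above combined into one indent file, as an added example that is
not part of the original README or the Vim runtime.  The language "mylang",
its if/else/endif keywords and the body of GetMyIndent() are assumptions made
for illustration; the 'cpoptions' and shiftwidth() handling show one way to
cope with user settings and missing features.

```vim
" Vim indent file (illustration only)
" Language: mylang (hypothetical, with if / else / endif blocks)

" Only load this indent file when no other was loaded yet.
if exists("b:did_indent")
  finish
endif
let b:did_indent = 1

" Buffer-local settings, so nothing is carried over to other buffers.
setlocal indentexpr=GetMyIndent()
" Re-indent the line as soon as "endif" or "else" is typed at its start.
setlocal indentkeys+=0=endif,0=else

" Lets Vim undo the settings above when the filetype changes.
let b:undo_indent = "setlocal indentexpr< indentkeys<"

" The function only needs to be defined once per Vim session.
if exists("*GetMyIndent")
  finish
endif

" Do not depend on the user's 'cpoptions' while defining the function.
let s:cpo_save = &cpo
set cpo&vim

function GetMyIndent()
  " Start from the previous non-blank line; none means top of file.
  let lnum = prevnonblank(v:lnum - 1)
  if lnum == 0
    return 0
  endif
  let ind = indent(lnum)

  " shiftwidth() may be missing in old Vims and 'shiftwidth' may be 0.
  let sw = exists('*shiftwidth') ? shiftwidth() : &sw

  " One level deeper after a line that opens a block.
  if getline(lnum) =~# '^\s*\(if\|else\)\>'
    let ind += sw
  endif
  " One level back on a line that closes or continues a block.
  if getline(v:lnum) =~# '^\s*\(else\|endif\)\>'
    let ind -= sw
  endif
  " Never return a negative indent.
  return max([ind, 0])
endfunction

let &cpo = s:cpo_save
unlet s:cpo_save
```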