Mercurial > vim

view runtime/indent/dts.vim @ 33664:06b59278bfcf v9.0.2070

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 9.0.2070: [security] disallow setting env in restricted mode Commit: https://github.com/vim/vim/commit/6b89dd6a7257a1e2e9c7ea070b407bc4674a5118 Author: Christian Brabandt <cb@256bit.org> Date: Thu Oct 26 22:14:17 2023 +0200 patch 9.0.2070: [security] disallow setting env in restricted mode Problem: [security] disallow setting env in restricted mode Solution: Setting environment variables in restricted mode could potentially be used to execute shell commands. Disallow this. restricted mode: disable allow setting of environment variables Setting environment variables in restricted mode, may have some unwanted consequences. So, for example by setting $GCONV_PATH in restricted mode and then calling the iconv() function, one may be able to execute some unwanted payload, because the `iconv_open()` function internally uses the `$GCONV_PATH` variable to find its conversion data. So let's disable setting environment variables, even so this is no complete protection, since we are not clearing the existing environment. I tried a few ways but wasn't successful :( One could also argue to disable the iconv() function completely in restricted mode, but who knows what other API functions can be influenced by setting some other unrelated environment variables. So let's leave it as it is currently. closes: #13394 See: https://huntr.com/bounties/b0a2eda1-459c-4e36-98e6-0cc7d7faccfe/ Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Thu, 26 Oct 2023 22:30:03 +0200
parents 695b50472e85
children
line wrap: on
line source

" Vim indent file
" Language:		Device Tree
" Maintainer:		Roland Hieber, Pengutronix <rhi@pengutronix.de>
"
if exists("b:did_indent")
    finish
endif
let b:did_indent = 1

setlocal autoindent
setlocal nosmartindent
setlocal indentkeys=o,O,0},0<>>,!<Ctrl-F>
setlocal indentexpr=GetDTSIndent()
setlocal nolisp

let b:undo_indent = 'setl autoindent< smartindent< indentkeys< indentexpr< lisp<'

function GetDTSIndent()
    let sw        = shiftwidth()
    let lnum      = v:lnum
    let line      = getline(lnum)
    let prevline  = getline(prevnonblank(lnum-1))
    let prevind   = indent(prevnonblank(lnum-1))

    if prevnonblank(lnum-1) < 1
        return 0
    endif

    " Don't indent header and preprocessor directives
    if line =~ '^\s*\(/dts-\|#\(include\|define\|undef\|warn\(ing\)\?\|error\|if\(n\?def\)\?\|else\|elif\|endif\)\)'
        return 0

    " Don't indent /node and &label blocks
    elseif line =~ '^\s*[/&].\+{\s*$'
        return 0

    " Indent to matching bracket or remove one shiftwidth if line begins with } or >
    elseif line =~ '^\s*[}>]'
        " set cursor to closing bracket on current line
        let col = matchend(line, '^\s*[>}]')
        call cursor(lnum, col)
        
        " determine bracket type, {} or <>
        let pair = strpart('{}<>', stridx('}>', line[col-1]) * 2, 2)

        " find matching bracket pair
        let pairline = searchpair(pair[0], '', pair[1], 'bW')

        if pairline > 0 
            return indent(pairline)
        else
            return prevind - sw
        endif

    " else, add one level of indent if line ends in { or < or = or ,
    elseif prevline =~ '[{<=,]$'
        return prevind + sw

    else
        return prevind
    endif

endfunction