Mercurial > vim

view src/ascii.h @ 33664:06b59278bfcf v9.0.2070

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 9.0.2070: [security] disallow setting env in restricted mode Commit: https://github.com/vim/vim/commit/6b89dd6a7257a1e2e9c7ea070b407bc4674a5118 Author: Christian Brabandt <cb@256bit.org> Date: Thu Oct 26 22:14:17 2023 +0200 patch 9.0.2070: [security] disallow setting env in restricted mode Problem: [security] disallow setting env in restricted mode Solution: Setting environment variables in restricted mode could potentially be used to execute shell commands. Disallow this. restricted mode: disable allow setting of environment variables Setting environment variables in restricted mode, may have some unwanted consequences. So, for example by setting $GCONV_PATH in restricted mode and then calling the iconv() function, one may be able to execute some unwanted payload, because the `iconv_open()` function internally uses the `$GCONV_PATH` variable to find its conversion data. So let's disable setting environment variables, even so this is no complete protection, since we are not clearing the existing environment. I tried a few ways but wasn't successful :( One could also argue to disable the iconv() function completely in restricted mode, but who knows what other API functions can be influenced by setting some other unrelated environment variables. So let's leave it as it is currently. closes: #13394 See: https://huntr.com/bounties/b0a2eda1-459c-4e36-98e6-0cc7d7faccfe/ Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Thu, 26 Oct 2023 22:30:03 +0200
parents fb4c30606b4a
children
line wrap: on
line source

/* vi:set ts=8 sts=4 sw=4 noet:
 *
 * VIM - Vi IMproved	by Bram Moolenaar
 *
 * Do ":help uganda"  in Vim to read copying and usage conditions.
 * Do ":help credits" in Vim to see a list of people who contributed.
 */

/*
 * Definitions of various common control characters.
 */

#define CharOrd(x)	((x) < 'a' ? (x) - 'A' : (x) - 'a')
#define CharOrdLow(x)	((x) - 'a')
#define CharOrdUp(x)	((x) - 'A')
#define ROT13(c, a)	(((((c) - (a)) + 13) % 26) + (a))

#define NUL		'\000'
#define BELL		'\007'
#define BS		'\010'
#define TAB		'\011'
#define NL		'\012'
#define NL_STR		(char_u *)"\012"
#define FF		'\014'
#define CAR		'\015'	// CR is used by Mac OS X
#define ESC		'\033'
#define ESC_STR		(char_u *)"\033"
#define ESC_STR_nc	"\033"
#define DEL		0x7f
#define DEL_STR		(char_u *)"\177"

#define POUND		0xA3

#define Ctrl_chr(x)	(TOUPPER_ASC(x) ^ 0x40) // '?' -> DEL, '@' -> ^@, etc.
#define Meta(x)		((x) | 0x80)

#define CTRL_F_STR	"\006"
#define CTRL_H_STR	"\010"
#define CTRL_V_STR	"\026"

#define Ctrl_AT		0   // @
#define Ctrl_A		1
#define Ctrl_B		2
#define Ctrl_C		3
#define Ctrl_D		4
#define Ctrl_E		5
#define Ctrl_F		6
#define Ctrl_G		7
#define Ctrl_H		8
#define Ctrl_I		9
#define Ctrl_J		10
#define Ctrl_K		11
#define Ctrl_L		12
#define Ctrl_M		13
#define Ctrl_N		14
#define Ctrl_O		15
#define Ctrl_P		16
#define Ctrl_Q		17
#define Ctrl_R		18
#define Ctrl_S		19
#define Ctrl_T		20
#define Ctrl_U		21
#define Ctrl_V		22
#define Ctrl_W		23
#define Ctrl_X		24
#define Ctrl_Y		25
#define Ctrl_Z		26
			    // CTRL- [ Left Square Bracket == ESC
#define Ctrl_BSL	28  // \ BackSLash
#define Ctrl_RSB	29  // ] Right Square Bracket
#define Ctrl_HAT	30  // ^
#define Ctrl__		31

#define CSI		0x9b	// Control Sequence Introducer
#define CSI_STR		"\233"
#define DCS		0x90	// Device Control String
#define OSC		0x9d	// Operating System Command
#define STERM		0x9c	// String Terminator

/*
 * Character that separates dir names in a path.
 * For MS-DOS, WIN32 and OS/2 we use a backslash.  A slash mostly works
 * fine, but there are places where it doesn't (e.g. in a command name).
 * For Acorn we use a dot.
 */
#ifdef BACKSLASH_IN_FILENAME
# define PATHSEP	psepc
# define PATHSEPSTR	pseps
#else
# define PATHSEP	'/'
# define PATHSEPSTR	"/"
#endif