Mercurial > vim
view runtime/syntax/routeros.vim @ 33096:828bcb1a37e7 v9.0.1833
patch 9.0.1833: [security] runtime file fixes
Commit: https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c
Author: Christian Brabandt <cb@256bit.org>
Date: Thu Aug 31 23:52:30 2023 +0200
patch 9.0.1833: [security] runtime file fixes
Problem: runtime files may execute code in current dir
Solution: only execute, if not run from current directory
The perl, zig and ruby filetype plugins and the zip and gzip autoload
plugins may try to load malicious executable files from the current
working directory. This is especially a problem on windows, where the
current directory is implicitly in your $PATH and windows may even run a
file with the extension `.bat` because of $PATHEXT.
So make sure that we are not trying to execute a file from the current
directory. If this would be the case, error out (for the zip and gzip)
plugins or silently do not run those commands (for the ftplugins).
This assumes, that only the current working directory is bad. For all
other directories, it is assumed that those directories were
intentionally set to the $PATH by the user.
Signed-off-by: Christian Brabandt <cb@256bit.org>
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Fri, 01 Sep 2023 00:00:02 +0200 |
parents | 624439a39432 |
children |
line wrap: on
line source
" Vim syntax file " Language: MikroTik RouterOS Script " Maintainer: zainin <z@wintr.dev> " Original Author: ndbjorne @ MikroTik forums " Last Change: 2021 Nov 14 " quit when a syntax file was already loaded if exists("b:current_syntax") finish endif syn case ignore syn iskeyword @,48-57,- " comments syn match routerosComment /^\s*\zs#.*/ " options submenus: /interface ether1 etc syn match routerosSubMenu "\([a-z]\)\@<!/[a-zA-Z0-9-]*" " variables are matched by looking at strings ending with "=", e.g. var= syn match routerosVariable "[a-zA-Z0-9-/]*\(=\)\@=" syn match routerosVariable "$[a-zA-Z0-9-]*" " colored for clarity syn match routerosDelimiter "[,=]" " match slash in CIDR notation (1.2.3.4/24, 2001:db8::/48, ::1/128) syn match routerosDelimiter "\(\x\|:\)\@<=\/\(\d\)\@=" " dash in IP ranges syn match routerosDelimiter "\(\x\|:\)\@<=-\(\x\|:\)\@=" " match service names after "set", like in original routeros syntax syn match routerosService "\(set\)\@<=\s\(api-ssl\|api\|dns\|ftp\|http\|https\|pim\|ntp\|smb\|ssh\|telnet\|winbox\|www\|www-ssl\)" " colors various interfaces syn match routerosInterface "bridge\d\+\|ether\d\+\|wlan\d\+\|pppoe-\(out\|in\)\d\+" syn keyword routerosBoolean yes no true false syn keyword routerosConditional if " operators syn match routerosOperator " \zs[-+*<>=!~^&.,]\ze " syn match routerosOperator "[<>!]=" syn match routerosOperator "<<\|>>" syn match routerosOperator "[+-]\d\@=" syn keyword routerosOperator and or in " commands syn keyword routerosCommands beep delay put len typeof pick log time set find environment syn keyword routerosCommands terminal error parse resolve toarray tobool toid toip toip6 syn keyword routerosCommands tonum tostr totime add remove enable disable where get print syn keyword routerosCommands export edit find append as-value brief detail count-only file syn keyword routerosCommands follow follow-only from interval terse value-list without-paging syn keyword routerosCommands return " variable types syn keyword routerosType global local " loop keywords syn keyword routerosRepeat do while for foreach syn match routerosSpecial "[():[\]{|}]" syn match routerosLineContinuation "\\$" syn match routerosEscape "\\["\\nrt$?_abfv]" contained display syn match routerosEscape "\\\x\x" contained display syn region routerosString start=+"+ skip=+\\\\\|\\"+ end=+"+ contains=routerosEscape,routerosLineContinuation hi link routerosComment Comment hi link routerosSubMenu Function hi link routerosVariable Identifier hi link routerosDelimiter Operator hi link routerosEscape Special hi link routerosService Type hi link routerosInterface Type hi link routerosBoolean Boolean hi link routerosConditional Conditional hi link routerosOperator Operator hi link routerosCommands Operator hi link routerosType Type hi link routerosRepeat Repeat hi link routerosSpecial Delimiter hi link routerosString String hi link routerosLineContinuation Special let b:current_syntax = "routeros"