casa-mp-base
Public
Source
To: vim_dev@googlegroups.comSubject: Patch 8.1.1365Fcc: outboxFrom: Bram Moolenaar <Bram@moolenaar.net>Mime-Version: 1.0Content-Type: text/plain; charset=UTF-8Content-Transfer-Encoding: 8bit------------Patch 8.1.1365Problem: Source command doesn't check for the sandbox. (Armin Razmjou)Solution: Check for the sandbox when sourcing a file.Files: src/getchar.c, src/testdir/test_source.vim*** ../vim-8.1.1364/src/getchar.c 2019-05-19 21:57:05.670320399 +0200--- src/getchar.c 2019-05-22 20:33:44.175220749 +0200****************** 1407,1412 ****--- 1407,1418 ---- emsg(_(e_nesting)); return; }+ + // Disallow sourcing a file in the sandbox, the commands would be executed+ // later, possibly outside of the sandbox.+ if (check_secure())+ return;+ #ifdef FEAT_EVAL if (ignore_script) /* Not reading from script, also don't open one. Warning message? */*** ../vim-8.1.1364/src/testdir/test_source.vim 2019-01-12 13:25:42.633479785 +0100--- src/testdir/test_source.vim 2019-05-22 20:44:58.887015783 +0200****************** 36,38 ****--- 36,47 ---- au! SourcePre au! SourcePost endfunc+ + func Test_source_sandbox()+ new+ call writefile(["Ohello\<Esc>"], 'Xsourcehello')+ source! Xsourcehello | echo+ call assert_equal('hello', getline(1))+ call assert_fails('sandbox source! Xsourcehello', 'E48:')+ bwipe!+ endfunc*** ../vim-8.1.1364/src/version.c 2019-05-21 23:08:56.969600854 +0200--- src/version.c 2019-05-22 22:37:10.196825450 +0200****************** 769,770 ****--- 769,772 ---- { /* Add new patch number below this line */+ /**/+ 1365, /**/-- hundred-and-one symptoms of being an internet addict:13. You refer to going to the bathroom as downloading.