]>
Commit | Line | Data |
---|---|---|
193cbe32 AG |
1 | To: vim-dev@vim.org |
2 | Subject: Patch 6.3.045 | |
3 | Fcc: outbox | |
4 | From: Bram Moolenaar <Bram@moolenaar.net> | |
5 | Mime-Version: 1.0 | |
6 | Content-Type: text/plain; charset=ISO-8859-1 | |
7 | Content-Transfer-Encoding: 8bit | |
8 | ------------ | |
9 | ||
10 | Patch 6.3.045 | |
11 | Problem: Unusual characters in an option value may cause unexpected | |
12 | behavior, especially for a modeline. (Ciaran McCreesh) | |
13 | Solution: Don't allow setting termcap options or 'printdevice' or | |
14 | 'titleold' in a modeline. Don't list options for "termcap" | |
15 | and "all" in a modeline. Don't allow unusual characters in | |
16 | 'filetype', 'syntax', 'backupext', 'keymap', 'patchmode' and | |
17 | 'langmenu'. | |
18 | Files: src/option.c, runtime/doc/options.txt | |
19 | ||
20 | ||
21 | *** ../vim-6.3.044/src/option.c Mon Sep 13 16:36:12 2004 | |
22 | --- src/option.c Thu Dec 9 15:41:03 2004 | |
23 | *************** | |
24 | *** 293,298 **** | |
25 | --- 293,299 ---- | |
26 | #define P_SECURE 0x40000L/* cannot change in modeline or secure mode */ | |
27 | #define P_GETTEXT 0x80000L/* expand default value with _() */ | |
28 | #define P_NOGLOB 0x100000L/* do not use local value for global vimrc */ | |
29 | + #define P_NFNAME 0x200000L/* only normal file name chars allowed */ | |
30 | ||
31 | /* | |
32 | * options[] is initialized here. | |
33 | *************** | |
34 | *** 413,419 **** | |
35 | {"backupdir", "bdir", P_STRING|P_EXPAND|P_VI_DEF|P_COMMA|P_NODUP|P_SECURE, | |
36 | (char_u *)&p_bdir, PV_NONE, | |
37 | {(char_u *)DFLT_BDIR, (char_u *)0L}}, | |
38 | ! {"backupext", "bex", P_STRING|P_VI_DEF, | |
39 | (char_u *)&p_bex, PV_NONE, | |
40 | { | |
41 | #ifdef VMS | |
42 | --- 414,420 ---- | |
43 | {"backupdir", "bdir", P_STRING|P_EXPAND|P_VI_DEF|P_COMMA|P_NODUP|P_SECURE, | |
44 | (char_u *)&p_bdir, PV_NONE, | |
45 | {(char_u *)DFLT_BDIR, (char_u *)0L}}, | |
46 | ! {"backupext", "bex", P_STRING|P_VI_DEF|P_NFNAME, | |
47 | (char_u *)&p_bex, PV_NONE, | |
48 | { | |
49 | #ifdef VMS | |
50 | *************** | |
51 | *** 846,852 **** | |
52 | {"fileformats", "ffs", P_STRING|P_VIM|P_COMMA|P_NODUP, | |
53 | (char_u *)&p_ffs, PV_NONE, | |
54 | {(char_u *)DFLT_FFS_VI, (char_u *)DFLT_FFS_VIM}}, | |
55 | ! {"filetype", "ft", P_STRING|P_ALLOCED|P_VI_DEF|P_NOGLOB, | |
56 | #ifdef FEAT_AUTOCMD | |
57 | (char_u *)&p_ft, PV_FT, | |
58 | {(char_u *)"", (char_u *)0L} | |
59 | --- 847,853 ---- | |
60 | {"fileformats", "ffs", P_STRING|P_VIM|P_COMMA|P_NODUP, | |
61 | (char_u *)&p_ffs, PV_NONE, | |
62 | {(char_u *)DFLT_FFS_VI, (char_u *)DFLT_FFS_VIM}}, | |
63 | ! {"filetype", "ft", P_STRING|P_ALLOCED|P_VI_DEF|P_NOGLOB|P_NFNAME, | |
64 | #ifdef FEAT_AUTOCMD | |
65 | (char_u *)&p_ft, PV_FT, | |
66 | {(char_u *)"", (char_u *)0L} | |
67 | *************** | |
68 | *** 1284,1290 **** | |
69 | {(char_u *)0L, (char_u *)0L} | |
70 | #endif | |
71 | }, | |
72 | ! {"keymap", "kmp", P_STRING|P_ALLOCED|P_VI_DEF|P_RBUF|P_RSTAT, | |
73 | #ifdef FEAT_KEYMAP | |
74 | (char_u *)&p_keymap, PV_KMAP, | |
75 | {(char_u *)"", (char_u *)0L} | |
76 | --- 1285,1291 ---- | |
77 | {(char_u *)0L, (char_u *)0L} | |
78 | #endif | |
79 | }, | |
80 | ! {"keymap", "kmp", P_STRING|P_ALLOCED|P_VI_DEF|P_RBUF|P_RSTAT|P_NFNAME, | |
81 | #ifdef FEAT_KEYMAP | |
82 | (char_u *)&p_keymap, PV_KMAP, | |
83 | {(char_u *)"", (char_u *)0L} | |
84 | *************** | |
85 | *** 1330,1336 **** | |
86 | {(char_u *)NULL, | |
87 | #endif | |
88 | (char_u *)0L}}, | |
89 | ! {"langmenu", "lm", P_STRING|P_VI_DEF, | |
90 | #if defined(FEAT_MENU) && defined(FEAT_MULTI_LANG) | |
91 | (char_u *)&p_lm, PV_NONE, | |
92 | #else | |
93 | --- 1331,1337 ---- | |
94 | {(char_u *)NULL, | |
95 | #endif | |
96 | (char_u *)0L}}, | |
97 | ! {"langmenu", "lm", P_STRING|P_VI_DEF|P_NFNAME, | |
98 | #if defined(FEAT_MENU) && defined(FEAT_MULTI_LANG) | |
99 | (char_u *)&p_lm, PV_NONE, | |
100 | #else | |
101 | *************** | |
102 | *** 1562,1568 **** | |
103 | {(char_u *)0L, (char_u *)0L} | |
104 | #endif | |
105 | }, | |
106 | ! {"patchmode", "pm", P_STRING|P_VI_DEF, | |
107 | (char_u *)&p_pm, PV_NONE, | |
108 | {(char_u *)"", (char_u *)0L}}, | |
109 | {"path", "pa", P_STRING|P_EXPAND|P_VI_DEF|P_COMMA|P_NODUP, | |
110 | --- 1563,1569 ---- | |
111 | {(char_u *)0L, (char_u *)0L} | |
112 | #endif | |
113 | }, | |
114 | ! {"patchmode", "pm", P_STRING|P_VI_DEF|P_NFNAME, | |
115 | (char_u *)&p_pm, PV_NONE, | |
116 | {(char_u *)"", (char_u *)0L}}, | |
117 | {"path", "pa", P_STRING|P_EXPAND|P_VI_DEF|P_COMMA|P_NODUP, | |
118 | *************** | |
119 | *** 1595,1601 **** | |
120 | (char_u *)NULL, PV_NONE, | |
121 | #endif | |
122 | {(char_u *)FALSE, (char_u *)0L}}, | |
123 | ! {"printdevice", "pdev", P_STRING|P_VI_DEF, | |
124 | #ifdef FEAT_PRINTER | |
125 | (char_u *)&p_pdev, PV_NONE, | |
126 | {(char_u *)"", (char_u *)0L} | |
127 | --- 1596,1602 ---- | |
128 | (char_u *)NULL, PV_NONE, | |
129 | #endif | |
130 | {(char_u *)FALSE, (char_u *)0L}}, | |
131 | ! {"printdevice", "pdev", P_STRING|P_VI_DEF|P_SECURE, | |
132 | #ifdef FEAT_PRINTER | |
133 | (char_u *)&p_pdev, PV_NONE, | |
134 | {(char_u *)"", (char_u *)0L} | |
135 | *************** | |
136 | *** 1981,1987 **** | |
137 | {"switchbuf", "swb", P_STRING|P_VI_DEF|P_COMMA|P_NODUP, | |
138 | (char_u *)&p_swb, PV_NONE, | |
139 | {(char_u *)"", (char_u *)0L}}, | |
140 | ! {"syntax", "syn", P_STRING|P_ALLOCED|P_VI_DEF|P_NOGLOB, | |
141 | #ifdef FEAT_SYN_HL | |
142 | (char_u *)&p_syn, PV_SYN, | |
143 | {(char_u *)"", (char_u *)0L} | |
144 | --- 1982,1988 ---- | |
145 | {"switchbuf", "swb", P_STRING|P_VI_DEF|P_COMMA|P_NODUP, | |
146 | (char_u *)&p_swb, PV_NONE, | |
147 | {(char_u *)"", (char_u *)0L}}, | |
148 | ! {"syntax", "syn", P_STRING|P_ALLOCED|P_VI_DEF|P_NOGLOB|P_NFNAME, | |
149 | #ifdef FEAT_SYN_HL | |
150 | (char_u *)&p_syn, PV_SYN, | |
151 | {(char_u *)"", (char_u *)0L} | |
152 | *************** | |
153 | *** 2086,2092 **** | |
154 | (char_u *)NULL, PV_NONE, | |
155 | #endif | |
156 | {(char_u *)85L, (char_u *)0L}}, | |
157 | ! {"titleold", NULL, P_STRING|P_VI_DEF|P_GETTEXT, | |
158 | #ifdef FEAT_TITLE | |
159 | (char_u *)&p_titleold, PV_NONE, | |
160 | {(char_u *)N_("Thanks for flying Vim"), | |
161 | --- 2087,2093 ---- | |
162 | (char_u *)NULL, PV_NONE, | |
163 | #endif | |
164 | {(char_u *)85L, (char_u *)0L}}, | |
165 | ! {"titleold", NULL, P_STRING|P_VI_DEF|P_GETTEXT|P_SECURE, | |
166 | #ifdef FEAT_TITLE | |
167 | (char_u *)&p_titleold, PV_NONE, | |
168 | {(char_u *)N_("Thanks for flying Vim"), | |
169 | *************** | |
170 | *** 2321,2327 **** | |
171 | {(char_u *)0L, (char_u *)0L}}, | |
172 | ||
173 | /* terminal output codes */ | |
174 | ! #define p_term(sss, vvv) {sss, NULL, P_STRING|P_VI_DEF|P_RALL, \ | |
175 | (char_u *)&vvv, PV_NONE, \ | |
176 | {(char_u *)"", (char_u *)0L}}, | |
177 | ||
178 | --- 2322,2328 ---- | |
179 | {(char_u *)0L, (char_u *)0L}}, | |
180 | ||
181 | /* terminal output codes */ | |
182 | ! #define p_term(sss, vvv) {sss, NULL, P_STRING|P_VI_DEF|P_RALL|P_SECURE, \ | |
183 | (char_u *)&vvv, PV_NONE, \ | |
184 | {(char_u *)"", (char_u *)0L}}, | |
185 | ||
186 | *************** | |
187 | *** 3310,3316 **** | |
188 | errmsg = NULL; | |
189 | startarg = arg; /* remember for error message */ | |
190 | ||
191 | ! if (STRNCMP(arg, "all", 3) == 0 && !isalpha(arg[3])) | |
192 | { | |
193 | /* | |
194 | * ":set all" show all options. | |
195 | --- 3311,3318 ---- | |
196 | errmsg = NULL; | |
197 | startarg = arg; /* remember for error message */ | |
198 | ||
199 | ! if (STRNCMP(arg, "all", 3) == 0 && !isalpha(arg[3]) | |
200 | ! && !(opt_flags & OPT_MODELINE)) | |
201 | { | |
202 | /* | |
203 | * ":set all" show all options. | |
204 | *************** | |
205 | *** 3326,3332 **** | |
206 | else | |
207 | showoptions(1, opt_flags); | |
208 | } | |
209 | ! else if (STRNCMP(arg, "termcap", 7) == 0) | |
210 | { | |
211 | showoptions(2, opt_flags); | |
212 | show_termcodes(); | |
213 | --- 3328,3334 ---- | |
214 | else | |
215 | showoptions(1, opt_flags); | |
216 | } | |
217 | ! else if (STRNCMP(arg, "termcap", 7) == 0 && !(opt_flags & OPT_MODELINE)) | |
218 | { | |
219 | showoptions(2, opt_flags); | |
220 | show_termcodes(); | |
221 | *************** | |
222 | *** 4611,4616 **** | |
223 | --- 4613,4627 ---- | |
224 | ) && (options[opt_idx].flags & P_SECURE)) | |
225 | { | |
226 | errmsg = e_secure; | |
227 | + } | |
228 | + | |
229 | + /* Check for a "normal" file name in some options. Disallow a path | |
230 | + * separator (slash and/or backslash), wildcards and characters that are | |
231 | + * often illegal in a file name. */ | |
232 | + else if ((options[opt_idx].flags & P_NFNAME) | |
233 | + && vim_strpbrk(*varp, "/\\*?[|<>") != NULL) | |
234 | + { | |
235 | + errmsg = e_invarg; | |
236 | } | |
237 | ||
238 | /* 'term' */ | |
239 | *** ../vim-6.3.044/runtime/doc/options.txt Wed Jun 9 14:56:28 2004 | |
240 | --- runtime/doc/options.txt Thu Dec 9 16:39:07 2004 | |
241 | *************** | |
242 | *** 1,4 **** | |
243 | ! *options.txt* For Vim version 6.3. Last change: 2004 Jun 01 | |
244 | ||
245 | ||
246 | VIM REFERENCE MANUAL by Bram Moolenaar | |
247 | --- 1,4 ---- | |
248 | ! *options.txt* For Vim version 6.3. Last change: 2004 Dec 09 | |
249 | ||
250 | ||
251 | VIM REFERENCE MANUAL by Bram Moolenaar | |
252 | *************** | |
253 | *** 139,144 **** | |
254 | --- 139,147 ---- | |
255 | (the ^[ is a real <Esc> here, use CTRL-V <Esc> to enter it) | |
256 | The advantage over a mapping is that it works in all situations. | |
257 | ||
258 | + The t_xx options cannot be set from a |modeline| or in the |sandbox|, for | |
259 | + security reasons. | |
260 | + | |
261 | The listing from ":set" looks different from Vi. Long string options are put | |
262 | at the end of the list. The number of options is quite large. The output of | |
263 | "set all" probably does not fit on the screen, causing Vim to give the | |
264 | *************** | |
265 | *** 945,950 **** | |
266 | --- 948,954 ---- | |
267 | accidentally overwriting existing files with a backup file. You might | |
268 | prefer using ".bak", but make sure that you don't have files with | |
269 | ".bak" that you want to keep. | |
270 | + Only normal file name characters can be used, "/\*?[|<>" are illegal. | |
271 | ||
272 | *'backupskip'* *'bsk'* | |
273 | 'backupskip' 'bsk' string (default: "/tmp/*,$TMPDIR/*,$TMP/*,$TEMP/*") | |
274 | *************** | |
275 | *** 2407,2412 **** | |
276 | --- 2411,2417 ---- | |
277 | type that is actually stored with the file. | |
278 | This option is not copied to another buffer, independent of the 's' or | |
279 | 'S' flag in 'cpoptions'. | |
280 | + Only normal file name characters can be used, "/\*?[|<>" are illegal. | |
281 | ||
282 | *'fillchars'* *'fcs'* | |
283 | 'fillchars' 'fcs' string (default "vert:|,fold:-") | |
284 | *************** | |
285 | *** 3599,3604 **** | |
286 | --- 3604,3610 ---- | |
287 | Setting this option to a valid keymap name has the side effect of | |
288 | setting 'iminsert' to one, so that the keymap becomes effective. | |
289 | 'imsearch' is also set to one, unless it was -1 | |
290 | + Only normal file name characters can be used, "/\*?[|<>" are illegal. | |
291 | ||
292 | *'keymodel'* *'km'* | |
293 | 'keymodel' 'km' string (default "") | |
294 | *************** | |
295 | *** 3690,3695 **** | |
296 | --- 3696,3702 ---- | |
297 | matter what $LANG is set to: > | |
298 | :set langmenu=nl_NL.ISO_8859-1 | |
299 | < When 'langmenu' is empty, |v:lang| is used. | |
300 | + Only normal file name characters can be used, "/\*?[|<>" are illegal. | |
301 | If your $LANG is set to a non-English language but you do want to use | |
302 | the English menus: > | |
303 | :set langmenu=none | |
304 | *************** | |
305 | *** 4310,4315 **** | |
306 | --- 4317,4323 ---- | |
307 | Using 'patchmode' for compressed files appends the extension at the | |
308 | end (e.g., "file.gz.orig"), thus the resulting name isn't always | |
309 | recognized as a compressed file. | |
310 | + Only normal file name characters can be used, "/\*?[|<>" are illegal. | |
311 | ||
312 | *'path'* *'pa'* *E343* *E345* *E347* | |
313 | 'path' 'pa' string (default on Unix: ".,/usr/include,," | |
314 | *************** | |
315 | *** 4424,4429 **** | |
316 | --- 4432,4439 ---- | |
317 | in the standard printer dialog. | |
318 | If the option is empty, then vim will use the system default printer | |
319 | for ":hardcopy!" | |
320 | + This option cannot be set from a |modeline| or in the |sandbox|, for | |
321 | + security reasons. | |
322 | ||
323 | *'printencoding'* *'penc'* *E620* | |
324 | 'printencoding' 'penc' String (default empty, except for: | |
325 | *************** | |
326 | *** 5711,5716 **** | |
327 | --- 5721,5727 ---- | |
328 | Syntax autocommand event is triggered with the value as argument. | |
329 | This option is not copied to another buffer, independent of the 's' or | |
330 | 'S' flag in 'cpoptions'. | |
331 | + Only normal file name characters can be used, "/\*?[|<>" are illegal. | |
332 | ||
333 | *'tabstop'* *'ts'* | |
334 | 'tabstop' 'ts' number (default 8) | |
335 | *************** | |
336 | *** 6089,6094 **** | |
337 | --- 6100,6107 ---- | |
338 | This option will be used for the window title when exiting Vim if the | |
339 | original title cannot be restored. Only happens if 'title' is on or | |
340 | 'titlestring' is not empty. | |
341 | + This option cannot be set from a |modeline| or in the |sandbox|, for | |
342 | + security reasons. | |
343 | *'titlestring'* | |
344 | 'titlestring' string (default "") | |
345 | global | |
346 | *** ../vim-6.3.044/src/version.c Wed Dec 8 21:51:39 2004 | |
347 | --- src/version.c Thu Dec 9 16:23:34 2004 | |
348 | *************** | |
349 | *** 643,644 **** | |
350 | --- 643,646 ---- | |
351 | { /* Add new patch number below this line */ | |
352 | + /**/ | |
353 | + 45, | |
354 | /**/ | |
355 | ||
356 | -- | |
357 | How To Keep A Healthy Level Of Insanity: | |
358 | 7. Finish all your sentences with "in accordance with the prophecy". | |
359 | ||
360 | /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ | |
361 | /// Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ | |
362 | \\\ Project leader for A-A-P -- http://www.A-A-P.org /// | |
363 | \\\ Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html /// |