[packages/vim.git] / 6.3.081

To: vim-dev@vim.org
Subject: Patch 6.3.081
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
------------

Patch 6.3.081
Problem:    Unix: glob() may execute a shell command when it's not wanted.
	    (Georgi Guninski)
Solution:   Verify the sandbox flag is not set.
Files:	    src/os_unix.c


*** ../vim-6.3.080/src/os_unix.c	Sat Jan 29 16:14:42 2005
--- src/os_unix.c	Tue Jul 19 22:29:34 2005
***************
*** 4700,4706 ****
      /*
       * Don't allow the use of backticks in secure and restricted mode.
       */
!     if (secure || restricted)
  	for (i = 0; i < num_pat; ++i)
  	    if (vim_strchr(pat[i], '`') != NULL
  		    && (check_restricted() || check_secure()))
--- 4700,4710 ----
      /*
       * Don't allow the use of backticks in secure and restricted mode.
       */
!     if (secure || restricted
! # ifdef HAVE_SANDBOX
! 	    || sandbox != 0
! # endif
! 	    )
  	for (i = 0; i < num_pat; ++i)
  	    if (vim_strchr(pat[i], '`') != NULL
  		    && (check_restricted() || check_secure()))
*** ../vim-6.3.080/src/version.c	Mon Jul  4 12:19:01 2005
--- src/version.c	Tue Jul 19 22:26:32 2005
***************
*** 643,644 ****
--- 643,646 ----
  {   /* Add new patch number below this line */
+ /**/
+     81,
  /**/

-- 
    With sufficient thrust, pigs fly just fine.
                   -- RFC 1925

 /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net   \\\
///        Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\              Project leader for A-A-P -- http://www.A-A-P.org        ///
 \\\     Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html   ///
Commit	Line	Data
63868179 AG	1	To: vim-dev@vim.org
	2	Subject: Patch 6.3.081
	3	Fcc: outbox
	4	From: Bram Moolenaar <Bram@moolenaar.net>
	5	Mime-Version: 1.0
	6	Content-Type: text/plain; charset=ISO-8859-1
	7	Content-Transfer-Encoding: 8bit
	8	------------
	9
	10	Patch 6.3.081
	11	Problem: Unix: glob() may execute a shell command when it's not wanted.
	12	(Georgi Guninski)
	13	Solution: Verify the sandbox flag is not set.
	14	Files: src/os_unix.c
	15
	16
	17	*** ../vim-6.3.080/src/os_unix.c Sat Jan 29 16:14:42 2005
	18	--- src/os_unix.c Tue Jul 19 22:29:34 2005
	19	***************
	20	* 4700,4706 **
	21	/*
	22	* Don't allow the use of backticks in secure and restricted mode.
	23	*/
	24	! if (secure \|\| restricted)
	25	for (i = 0; i < num_pat; ++i)
	26	if (vim_strchr(pat[i], '`') != NULL
	27	&& (check_restricted() \|\| check_secure()))
	28	--- 4700,4710 ----
	29	/*
	30	* Don't allow the use of backticks in secure and restricted mode.
	31	*/
	32	! if (secure \|\| restricted
	33	! # ifdef HAVE_SANDBOX
	34	! \|\| sandbox != 0
	35	! # endif
	36	! )
	37	for (i = 0; i < num_pat; ++i)
	38	if (vim_strchr(pat[i], '`') != NULL
	39	&& (check_restricted() \|\| check_secure()))
	40	*** ../vim-6.3.080/src/version.c Mon Jul 4 12:19:01 2005
	41	--- src/version.c Tue Jul 19 22:26:32 2005
	42	***************
	43	* 643,644 **
	44	--- 643,646 ----
	45	{ /* Add new patch number below this line */
	46	+ /**/
	47	+ 81,
	48	/**/
	49
	50	--
	51	With sufficient thrust, pigs fly just fine.
	52	-- RFC 1925
	53
	54	/// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\
	55	/// Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
	56	\\\ Project leader for A-A-P -- http://www.A-A-P.org ///
	57	\\\ Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html ///