official patches for vim.

[packages/vim.git] / 5.7.018

To: vim-dev@vim.org
Subject: Patch 5.7.018
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
------------

Patch 5.7.018
Problem:    When running "rvim" or "vim -Z" it was still possible to execute a
            shell command with system() and backtick-expansion. (Antonios A.
            Kavarnos)
Solution:   Disallow executing a shell command in get_cmd_output() and
            mch_expand_wildcards().
Files:      src/misc1.c, src/os_unix.c


*** ../vim-5.7.17/src/misc1.c   Tue Jun 20 21:30:53 2000
--- src/misc1.c Thu Nov 16 16:45:35 2000
***************
*** 5695,5700 ****
--- 5695,5703 ----
      int               i = 0;
      FILE      *fd;
  
+     if (check_restricted() || check_secure())
+       return NULL;
+ 
      /* get a name for the temp file */
      if ((tempname = vim_tempname('o')) == NULL)
      {
*** ../vim-5.7.17/src/os_unix.c Wed Jun  7 17:24:21 2000
--- src/os_unix.c       Thu Nov 16 17:02:34 2000
***************
*** 3334,3339 ****
--- 3334,3348 ----
      if (!have_wildcard(num_pat, pat))
        return save_patterns(num_pat, pat, num_file, file);
  
+     /*
+      * Don't allow the use of backticks in secure and restricted mode.
+      */
+     if (secure || restricted)
+       for (i = 0; i < num_pat; ++i)
+           if (vim_strchr(pat[i], '`') != NULL
+                   && (check_restricted() || check_secure()))
+               return FAIL;
+ 
  /*
   * get a name for the temp file
   */
*** ../vim-5.7.17/src/version.c Thu Nov 16 17:06:52 2000
--- src/version.c       Thu Nov 16 16:45:44 2000
***************
*** 439,440 ****
--- 439,442 ----
  {   /* Add new patch number below this line */
+ /**/
+     18,
  /**/

-- 
hundred-and-one symptoms of being an internet addict:
156. You forget your friend's name but not her e-mail address.

///  Bram Moolenaar     Bram@moolenaar.net     http://www.moolenaar.net  \\\
\\\  Vim: http://www.vim.org      ICCF Holland: http://iccf-holland.org  ///