]> git.pld-linux.org Git - packages/vim.git/blob - 6.3.082
projects / packages / vim.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
- rel 1; kvim is being dropped (no longer maintained - use yzis.spec as kde alternative)
[packages/vim.git] / 6.3.082
1 To: vim-dev@vim.org
2 Subject: Patch 6.3.082
3 Fcc: outbox
4 From: Bram Moolenaar <Bram@moolenaar.net>
5 Mime-Version: 1.0
6 Content-Type: text/plain; charset=ISO-8859-1
7 Content-Transfer-Encoding: 8bit
8 ------------
9
10 Patch 6.3.082 (after 6.3.081)
11 Problem:    Unix: expand() may execute a shell command when it's not wanted.
12             (Georgi Guninski)
13 Solution:   A more generic solution than 6.3.081.
14 Files:      src/os_unix.c
15     
16
17 *** ../vim-6.3.081/src/os_unix.c        Tue Jul 19 22:31:54 2005
18 --- src/os_unix.c       Wed Jul 20 10:54:12 2005
19 ***************
20 *** 4697,4710 ****
21       if (!have_wildcard(num_pat, pat))
22         return save_patterns(num_pat, pat, num_file, file);
23   
24       /*
25        * Don't allow the use of backticks in secure and restricted mode.
26        */
27 !     if (secure || restricted
28 ! # ifdef HAVE_SANDBOX
29 !           || sandbox != 0
30 ! # endif
31 !           )
32         for (i = 0; i < num_pat; ++i)
33             if (vim_strchr(pat[i], '`') != NULL
34                     && (check_restricted() || check_secure()))
35 --- 4697,4712 ----
36       if (!have_wildcard(num_pat, pat))
37         return save_patterns(num_pat, pat, num_file, file);
38   
39 + # ifdef HAVE_SANDBOX
40 +     /* Don't allow any shell command in the sandbox. */
41 +     if (sandbox != 0 && check_secure())
42 +       return FAIL;
43 + # endif
44
45       /*
46        * Don't allow the use of backticks in secure and restricted mode.
47        */
48 !     if (secure || restricted)
49         for (i = 0; i < num_pat; ++i)
50             if (vim_strchr(pat[i], '`') != NULL
51                     && (check_restricted() || check_secure()))
52 *** ../vim-6.3.081/src/version.c        Tue Jul 19 22:31:54 2005
53 --- src/version.c       Wed Jul 20 11:03:50 2005
54 ***************
55 *** 643,644 ****
56 --- 643,646 ----
57   {   /* Add new patch number below this line */
58 + /**/
59 +     82,
60   /**/
61
62 -- 
63 No letters of the alphabet were harmed in the creation of this message.
64
65  /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net   \\\
66 ///        Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
67 \\\              Project leader for A-A-P -- http://www.A-A-P.org        ///
68  \\\     Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html   ///
Vi IMproved - a Vi clone
This page took 0.037483 seconds and 3 git commands to generate.