From: Bram Moolenaar <Bram@vim.org>
Date: Tue, 20 Nov 2018 04:25:21 +0100
Subject: patch 8.1.0538: evaluating a modeline might invoke using a shell
command
Problem: Evaluating a modeline might invoke using a shell command. (Paul
Huber)
Solution: Set the sandbox flag when setting options from a modeline.
(cherry picked from commit 5958f95a40a4a44bd9e7f3b7ec6554a6ef3e42ca)
Signed-off-by: James McCoy <jamessan@debian.org>
---
src/buffer.c | 5 +++++
src/version.c | 2 ++
2 files changed, 7 insertions(+)
diff --git a/src/buffer.c b/src/buffer.c
index b79e277..42f6db9 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -5475,7 +5475,12 @@ chk_modeline(
save_SID = current_SID;
current_SID = SID_MODELINE;
#endif
+ // Make sure no risky things are executed as a side effect.
+ ++sandbox;
+
retval = do_set(s, OPT_MODELINE | OPT_LOCAL | flags);
+
+ --sandbox;
#ifdef FEAT_EVAL
current_SID = save_SID;
#endif
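Review bot: the ++sandbox / --sandbox pair around do_set() comes with no regression test; the diffstat lists only src/buffer.c and src/version.c. Suggest adding a test that loads a file whose modeline sets an option with a side effect and checks that it is refused while the sandbox counter is raised. The new comment could also name what the "risky things" are (the side effects of evaluating option values from the modeline), so a later reader knows why the counter has to stay raised for the whole do_set() call.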
diff --git a/src/version.c b/src/version.c
index 0e63969..1c03403 100644
--- a/src/version.c
+++ b/src/version.c
@@ -1195,6 +1195,8 @@ static int included_patches[] =
*/
static char *(extra_patches[]) =
{ /* Add your patch description below this line */
+/**/
+ "8.1.0538",
/**/
"8.1.0506",
/**/
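Review bot: "8.1.0538" is recorded as a string in extra_patches[], not as a number in included_patches[] (the array named in the hunk header), so anything that consults the numeric patch list will not report this fix as present. If that is intended for a cherry-picked backport, a short note in the commit message saying so would help whoever later audits which modeline fixes this build carries.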