vim-patch:8.1.0538: evaluating a modeline might invoke using a shell command

Problem: Evaluating a modeline might invoke using a shell command. (Paul Huber) Solution: Set the sandbox flag when setting options from a modeline. https://github.com/vim/vim/commit/5958f95a40a4a44bd9e7f3b7ec6554a6ef3e42ca
author: Jan Edmund Lazo <jan.lazo@mail.utoronto.ca> 2019-03-23 08:06:35 -0400
committer: Jan Edmund Lazo <jan.lazo@mail.utoronto.ca> 2019-03-23 08:09:27 -0400
commit: ca71c8219634d82bc6fbab2bbceb1c7c705cfed6 (patch)
tree: 61d3c57c9645610c9117389bad1f4e6e0f19514a
parent: 6b3775bbe27010d371c6e3f0e9df5a56d94aeaba (diff)
download: rneovim-ca71c8219634d82bc6fbab2bbceb1c7c705cfed6.tar.gz
rneovim-ca71c8219634d82bc6fbab2bbceb1c7c705cfed6.tar.bz2
rneovim-ca71c8219634d82bc6fbab2bbceb1c7c705cfed6.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/nvim/buffer.c b/src/nvim/buffer.c
index e333f552a8..d67783baa0 100644
--- a/src/nvim/buffer.c
+++ b/src/nvim/buffer.c
@@ -4943,7 +4943,12 @@ chk_modeline (
     if (*s != NUL) {                  /* skip over an empty "::" */
       save_SID = current_SID;
       current_SID = SID_MODELINE;
+      // Make sure no risky things are executed as a side effect.
+      sandbox++;
+
       retval = do_set(s, OPT_MODELINE | OPT_LOCAL | flags);
+
+      sandbox--;
       current_SID = save_SID;
       if (retval == FAIL)                     /* stop if error found */
         break;
author	Jan Edmund Lazo <jan.lazo@mail.utoronto.ca>	2019-03-23 08:06:35 -0400
committer	Jan Edmund Lazo <jan.lazo@mail.utoronto.ca>	2019-03-23 08:09:27 -0400
commit	ca71c8219634d82bc6fbab2bbceb1c7c705cfed6 (patch)
tree	61d3c57c9645610c9117389bad1f4e6e0f19514a
parent	6b3775bbe27010d371c6e3f0e9df5a56d94aeaba (diff)
download	rneovim-ca71c8219634d82bc6fbab2bbceb1c7c705cfed6.tar.gz rneovim-ca71c8219634d82bc6fbab2bbceb1c7c705cfed6.tar.bz2 rneovim-ca71c8219634d82bc6fbab2bbceb1c7c705cfed6.zip