diff options
| author | Jan Edmund Lazo <jan.lazo@mail.utoronto.ca> | 2020-02-24 20:33:43 -0500 |
|---|---|---|
| committer | Jan Edmund Lazo <jan.lazo@mail.utoronto.ca> | 2020-03-01 20:02:09 -0500 |
| commit | d846f47cc88cd36da5ad8fd7e716552c80e3b418 (patch) | |
| tree | f136629e3dcd12f3fa2d11446fd8584ddf173d9f /src/nvim/eval/funcs.c | |
| parent | 3618fe9e8c67276bc262c6cde8526f42016c2f84 (diff) | |
| download | rneovim-d846f47cc88cd36da5ad8fd7e716552c80e3b418.tar.gz rneovim-d846f47cc88cd36da5ad8fd7e716552c80e3b418.tar.bz2 rneovim-d846f47cc88cd36da5ad8fd7e716552c80e3b418.zip | |
vim-patch:8.1.0881: can execute shell commands in rvim through interfaces
Problem: Can execute shell commands in rvim through interfaces.
Solution: Disable using interfaces in restricted mode. Allow for writing
file with writefile(), histadd() and a few others.
https://github.com/vim/vim/commit/8c62a08faf89663e5633dc5036cd8695c80f1075
Diffstat (limited to 'src/nvim/eval/funcs.c')
| -rw-r--r-- | src/nvim/eval/funcs.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/nvim/eval/funcs.c b/src/nvim/eval/funcs.c index 25e57d54f0..6d67279e64 100644 --- a/src/nvim/eval/funcs.c +++ b/src/nvim/eval/funcs.c @@ -4317,7 +4317,7 @@ static void f_histadd(typval_T *argvars, typval_T *rettv, FunPtr fptr) HistoryType histype; rettv->vval.v_number = false; - if (check_restricted() || check_secure()) { + if (check_secure()) { return; } const char *str = tv_get_string_chk(&argvars[0]); // NULL on type error @@ -7779,8 +7779,7 @@ static void f_setbufline(typval_T *argvars, typval_T *rettv, FunPtr fptr) */ static void f_setbufvar(typval_T *argvars, typval_T *rettv, FunPtr fptr) { - if (check_restricted() - || check_secure() + if (check_secure() || !tv_check_str_or_nr(&argvars[0])) { return; } @@ -8284,7 +8283,7 @@ static void f_settabvar(typval_T *argvars, typval_T *rettv, FunPtr fptr) { rettv->vval.v_number = 0; - if (check_restricted() || check_secure()) { + if (check_secure()) { return; } @@ -11005,7 +11004,7 @@ static void f_writefile(typval_T *argvars, typval_T *rettv, FunPtr fptr) { rettv->vval.v_number = -1; - if (check_restricted() || check_secure()) { + if (check_secure()) { return; } |