diff options
| author | Abdelhakeem <abdelhakeem.osama@hotmail.com> | 2019-03-26 15:09:42 +0200 |
|---|---|---|
| committer | Abdelhakeem <abdelhakeem.osama@hotmail.com> | 2019-03-28 18:12:30 +0200 |
| commit | ebfff8e8028ababe6619bf57276d0120f9977988 (patch) | |
| tree | de0522f77b1fbcaa1cd96cb6af28ce5dac846917 /src | |
| parent | 5eaa45547975c652e594d0d6dbe34c1316873dc7 (diff) | |
| download | rneovim-ebfff8e8028ababe6619bf57276d0120f9977988.tar.gz rneovim-ebfff8e8028ababe6619bf57276d0120f9977988.tar.bz2 rneovim-ebfff8e8028ababe6619bf57276d0120f9977988.zip | |
vim-patch:8.1.0540: may evaluate insecure value when appending to option
Problem: May evaluate insecure value when appending to option.
Solution: Set the secure flag when changing an option that was previously
set insecurely. Also allow numbers for the characters from
'spelllang' that are used for LANG.vim.
https://github.com/vim/vim/commit/247bb7e43b47eb8407a1111bed60b61aceda52ad
Diffstat (limited to 'src')
| -rw-r--r-- | src/nvim/option.c | 42 |
1 files changed, 34 insertions, 8 deletions
diff --git a/src/nvim/option.c b/src/nvim/option.c index af2fe33505..258e67df01 100644 --- a/src/nvim/option.c +++ b/src/nvim/option.c @@ -1359,6 +1359,8 @@ do_set ( && nextchar != NUL && !ascii_iswhite(afterchar)) errmsg = e_trailing; } else { + int value_is_replaced = !prepending && !adding && !removing; + if (flags & P_BOOL) { /* boolean */ if (nextchar == '=' || nextchar == ':') { errmsg = e_invarg; @@ -1778,12 +1780,37 @@ do_set ( // buffer is closed by autocommands. saved_newval = (newval != NULL) ? xstrdup((char *)newval) : 0; - // Handle side effects, and set the global value for - // ":set" on local options. Note: when setting 'syntax' - // or 'filetype' autocommands may be triggered that can - // cause havoc. - errmsg = did_set_string_option(opt_idx, (char_u **)varp, - new_value_alloced, oldval, errbuf, opt_flags); + { + unsigned int *p = insecure_flag(opt_idx, opt_flags); + int did_inc_secure = FALSE; + + // When an option is set in the sandbox, from a + // modeline or in secure mode, then deal with side + // effects in secure mode. Also when the value was + // set with the P_INSECURE flag and is not + // completely replaced. + if (secure +#ifdef HAVE_SANDBOX + || sandbox != 0 +#endif + || (opt_flags & OPT_MODELINE) + || (!value_is_replaced && (*p & P_INSECURE))) + { + did_inc_secure = TRUE; + ++secure; + } + + // Handle side effects, and set the global value for + // ":set" on local options. Note: when setting 'syntax' + // or 'filetype' autocommands may be triggered that can + // cause havoc. + errmsg = did_set_string_option(opt_idx, (char_u **)varp, + new_value_alloced, oldval, errbuf, opt_flags); + + if (did_inc_secure) { + --secure; + } + } if (errmsg == NULL) { if (!starting) { @@ -1810,8 +1837,7 @@ do_set ( } if (opt_idx >= 0) - did_set_option(opt_idx, opt_flags, - !prepending && !adding && !removing); + did_set_option(opt_idx, opt_flags, value_is_replaced); } skip: |