diff options
| -rw-r--r-- | runtime/doc/eval.txt | 2 | ||||
| -rw-r--r-- | src/nvim/eval/funcs.c | 3 | ||||
| -rw-r--r-- | test/functional/vimscript/timer_spec.lua | 10 |
3 files changed, 15 insertions, 0 deletions
diff --git a/runtime/doc/eval.txt b/runtime/doc/eval.txt index 758c93231d..234879218e 100644 --- a/runtime/doc/eval.txt +++ b/runtime/doc/eval.txt @@ -10171,6 +10171,8 @@ timer_start({time}, {callback} [, {options}]) \ {'repeat': 3}) < This invokes MyHandler() three times at 500 msec intervals. + Not available in the |sandbox|. + timer_stop({timer}) *timer_stop()* Stop a timer. The timer callback will no longer be invoked. {timer} is an ID returned by timer_start(), thus it must be a diff --git a/src/nvim/eval/funcs.c b/src/nvim/eval/funcs.c index dfadd28ebe..33ca4016cf 100644 --- a/src/nvim/eval/funcs.c +++ b/src/nvim/eval/funcs.c @@ -11551,6 +11551,9 @@ static void f_timer_start(typval_T *argvars, typval_T *rettv, FunPtr fptr) dict_T *dict; rettv->vval.v_number = -1; + if (check_secure()) { + return; + } if (argvars[2].v_type != VAR_UNKNOWN) { if (argvars[2].v_type != VAR_DICT diff --git a/test/functional/vimscript/timer_spec.lua b/test/functional/vimscript/timer_spec.lua index 9ee0735e40..e45b64422f 100644 --- a/test/functional/vimscript/timer_spec.lua +++ b/test/functional/vimscript/timer_spec.lua @@ -3,6 +3,7 @@ local Screen = require('test.functional.ui.screen') local feed, eq, eval, ok = helpers.feed, helpers.eq, helpers.eval, helpers.ok local source, nvim_async, run = helpers.source, helpers.nvim_async, helpers.run local clear, command, funcs = helpers.clear, helpers.command, helpers.funcs +local exc_exec = helpers.exc_exec local curbufmeths = helpers.curbufmeths local load_adjust = helpers.load_adjust local retry = helpers.retry @@ -262,4 +263,13 @@ describe('timers', function() eq(2, eval('g:val')) end) + + it("timer_start can't be used in the sandbox", function() + source [[ + function! Scary(timer) abort + call execute('echo ''execute() should be disallowed''', '') + endfunction + ]] + eq("Vim(call):E48: Not allowed in sandbox", exc_exec("sandbox call timer_start(0, 'Scary')")) + end) end) |