From 38a831e54a7261fda06555bc7464546ecfcbf897 Mon Sep 17 00:00:00 2001
From: Sean Dewar <seandewar@users.noreply.github.com>
Date: Mon, 1 Nov 2021 16:21:16 +0000
Subject: vim-patch:7.4.1777

Problem:    Newly added features can escape the sandbox.
Solution:   Add checks for restricted and secure. (Yasuhiro Matsumoto)
https://github.com/vim/vim/commit/3849992b16011e36a5cb5be4b127f843389b96fd

timer_start is missing check_secure.

The timer callback can, for example, call a function defined from outside the sandbox that does
stuff that would be disallowed from inside the sandbox. This is usually not allowed.

Cherry-pick eval.txt change from:
https://github.com/vim/vim/commit/68e6560b84f196c82e27a72669684d5506a3a837

Required for v8.1.2013.
---
 src/nvim/eval/funcs.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src')

diff --git a/src/nvim/eval/funcs.c b/src/nvim/eval/funcs.c
index dfadd28ebe..33ca4016cf 100644
--- a/src/nvim/eval/funcs.c
+++ b/src/nvim/eval/funcs.c
@@ -11551,6 +11551,9 @@ static void f_timer_start(typval_T *argvars, typval_T *rettv, FunPtr fptr)
   dict_T *dict;
 
   rettv->vval.v_number = -1;
+  if (check_secure()) {
+    return;
+  }
 
   if (argvars[2].v_type != VAR_UNKNOWN) {
     if (argvars[2].v_type != VAR_DICT
-- 
cgit