jkunstle / rpms / vim

Forked from rpms/vim 3 years ago
Clone
Source Code
GIT

Blame SOURCES/0001-patch-8.1.1365-source-command-doesn-t-check-for-the-.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s
  1.   3ef2ca07561c67342c3ad9d96ba9ff49f2308457
  2.   SOURCES
  3.   0001-patch-8.1.1365-source-command-doesn-t-check-for-the-.patch
Blob History Raw
3ef2ca 
diff -up vim80/src/getchar.c.cve vim80/src/getchar.c
3ef2ca 
--- vim80/src/getchar.c.cve	2019-06-14 13:46:17.269523985 +0200
3ef2ca 
+++ vim80/src/getchar.c	2019-06-14 13:46:58.427169288 +0200
3ef2ca 
@@ -1418,6 +1418,12 @@ openscript(
3ef2ca 
 	EMSG(_(e_nesting));
3ef2ca 
 	return;
3ef2ca 
     }
3ef2ca 
+
3ef2ca 
+    // Disallow sourcing a file in the sandbox, the commands would be executed
3ef2ca 
+    // later, possibly outside of the sandbox.
3ef2ca 
+    if (check_secure())
3ef2ca 
+	return;
3ef2ca 
+
3ef2ca 
 #ifdef FEAT_EVAL
3ef2ca 
     if (ignore_script)
3ef2ca 
 	/* Not reading from script, also don't open one.  Warning message? */

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation