author | Bram Moolenaar <Bram@vim.org> | 2018-11-20 14:27:07 +0100 |
---|---|---|
committer | Bram Moolenaar <Bram@vim.org> | 2018-11-20 14:27:07 +0100 |
commit | 247bb7e43b47eb8407a1111bed60b61aceda52ad (patch) | |
tree | 1808cdecd35033ae10e6b48f66122cf5c42d5486 | |
parent | 82e8c92ebef5afcac0c0fdb706ff163f9b3366f7 (diff) | |
patch 8.1.0540: may evaluate insecure value when appending to option (v8.1.0540)
Problem: May evaluate insecure value when appending to option.
Solution: Set the secure flag when changing an option that was previously
set insecurely. Also allow numbers for the characters from
'spelllang' that are used for LANG.vim.
-rw-r--r-- | src/option.c | 43 | ||||
-rw-r--r-- | src/version.c | 2 |
2 files changed, 36 insertions, 9 deletions
diff --git a/src/option.c b/src/option.c index e6d46aadf..50d405a95 100644 --- a/src/option.c +++ b/src/option.c @@ -4705,6 +4705,8 @@ do_set( } else { + int value_is_replaced = !prepending && !adding && !removing; + if (flags & P_BOOL) /* boolean */ { if (nextchar == '=' || nextchar == ':') @@ -5209,12 +5211,36 @@ do_set( } #endif - /* Handle side effects, and set the global value for - * ":set" on local options. Note: when setting 'syntax' - * or 'filetype' autocommands may be triggered that can - * cause havoc. */ - errmsg = did_set_string_option(opt_idx, (char_u **)varp, - new_value_alloced, oldval, errbuf, opt_flags); + { + long_u *p = insecure_flag(opt_idx, opt_flags); + int did_inc_secure = FALSE; + + // When an option is set in the sandbox, from a + // modeline or in secure mode, then deal with side + // effects in secure mode. Also when the value was + // set with the P_INSECURE flag and is not + // completely replaced. + if (secure +#ifdef HAVE_SANDBOX + || sandbox != 0 +#endif + || (opt_flags & OPT_MODELINE) + || (!value_is_replaced && (*p & P_INSECURE))) + { + did_inc_secure = TRUE; + ++secure; + } + + // Handle side effects, and set the global value for + // ":set" on local options. Note: when setting 'syntax' + // or 'filetype' autocommands may be triggered that can + // cause havoc. + errmsg = did_set_string_option(opt_idx, (char_u **)varp, + new_value_alloced, oldval, errbuf, opt_flags); + + if (did_inc_secure) + --secure; + } #if defined(FEAT_EVAL) if (errmsg == NULL) @@ -5254,8 +5280,7 @@ do_set( } if (opt_idx >= 0) - did_set_option(opt_idx, opt_flags, - !prepending && !adding && !removing); + did_set_option(opt_idx, opt_flags, value_is_replaced); } skip: @@ -7758,7 +7783,7 @@ did_set_string_option( * '.encoding'. */ for (p = q; *p != NUL; ++p) - if (!ASCII_ISALPHA(*p) && *p != '-') + if (!ASCII_ISALNUM(*p) && *p != '-') break; if (p > q) { diff --git a/src/version.c b/src/version.c index a6f155f65..f3889b075 100644 --- a/src/version.c 
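Review bot: In the second do_set() hunk, `secure` is raised only around this one did_set_string_option() call and the P_INSECURE test is gated on `!value_is_replaced`, so the protection relies on every append, prepend and remove of a string option passing through this site. Callers that build a combined value themselves and assign it whole are not visible in the hunk and would be treated as a full replacement; that is worth confirming and recording next to the condition, for example `// A value assigned whole is trusted here, even if the caller derived it from the old one.` The diffstat lists only src/option.c and src/version.c, so a regression test that sets a string option from a modeline and then extends it with `+=` would pin the new behaviour. do_set's body starts and ends outside the hunk.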
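Review bot: The character loop in the did_set_string_option() hunk acts as an allowlist, but nothing at the loop says what it protects: per the commit description these characters from 'spelllang' are used for the LANG.vim name, so anything other than ASCII letters, digits and '-' must stop the scan. A comment on the loop would keep a later widening from admitting path characters, for example `// Only ASCII alphanumerics and '-' may reach the LANG.vim file name.` The unbraced `for`/`if` pair would also be safer with braces around both bodies. The function body starts and ends outside the hunk.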
+++ b/src/version.c @@ -793,6 +793,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ /**/ + 540, +/**/ 539, /**/ 538, |