patch 8.1.1143: may pass weird strings to file name expansionv8.1.1143

Problem: May pass weird strings to file name expansion. Solution: Check for matching characters. Disallow control characters.
author: Bram Moolenaar <Bram@vim.org> 2019-04-10 22:15:19 +0200
committer: Bram Moolenaar <Bram@vim.org> 2019-04-10 22:15:19 +0200
commit: 8f130eda4747e4a4d68353cdb650f359fd01469b (patch)
tree: 0c07f9b0d8203788f1929ad8383839020f1f41cb /src/misc1.c
parent: 3fb01a53c685d8d7e7bd83c33500de80aed0d7c8 (diff)
download: vim-git-8f130eda4747e4a4d68353cdb650f359fd01469b.tar.gz
1 files changed, 13 insertions, 2 deletions
diff --git a/src/misc1.c b/src/misc1.c
index 54da8900e..379709475 100644
--- a/src/misc1.c
+++ b/src/misc1.c
@@ -6170,11 +6170,22 @@ has_special_wildchar(char_u *p)
 {
     for ( ; *p; MB_PTR_ADV(p))
     {
-	/* Allow for escaping. */
-	if (*p == '\\' && p[1] != NUL)
+	// Disallow line break characters.
+	if (*p == '\r' || *p == '\n')
+	    break;
+	// Allow for escaping.
+	if (*p == '\\' && p[1] != NUL && p[1] != '\r' && p[1] != '\n')
 	    ++p;
 	else if (vim_strchr((char_u *)SPECIAL_WILDCHAR, *p) != NULL)
+	{
+	    // A { must be followed by a matching }.
+	    if (*p == '{' && vim_strchr(p, '}') == NULL)
+		continue;
+	    // A quote and backtick must be followed by another one.
+	    if ((*p == '`' || *p == '\'') && vim_strchr(p, *p) == NULL)
+		continue;
 	    return TRUE;
+	}
     }
     return FALSE;
 }
author	Bram Moolenaar <Bram@vim.org>	2019-04-10 22:15:19 +0200
committer	Bram Moolenaar <Bram@vim.org>	2019-04-10 22:15:19 +0200
commit	8f130eda4747e4a4d68353cdb650f359fd01469b (patch)
tree	0c07f9b0d8203788f1929ad8383839020f1f41cb /src/misc1.c
parent	3fb01a53c685d8d7e7bd83c33500de80aed0d7c8 (diff)
download	vim-git-8f130eda4747e4a4d68353cdb650f359fd01469b.tar.gz