Patch 6.3.082

Patch 6.3.082

Bram Moolenaar

Patch 6.3.082 (after 6.3.081)
Problem:    Unix: expand() may execute a shell command when it's not wanted.
            (Georgi Guninski)
Solution:   A more generic solution than 6.3.081.
Files:      src/os_unix.c
   

*** ../vim-6.3.081/src/os_unix.c Tue Jul 19 22:31:54 2005
--- src/os_unix.c Wed Jul 20 10:54:12 2005
***************
*** 4697,4710 ****
      if (!have_wildcard(num_pat, pat))
  return save_patterns(num_pat, pat, num_file, file);
 
      /*
       * Don't allow the use of backticks in secure and restricted mode.
       */
!     if (secure || restricted
! # ifdef HAVE_SANDBOX
!    || sandbox != 0
! # endif
!    )
  for (i = 0; i < num_pat; ++i)
     if (vim_strchr(pat[i], '`') != NULL
     && (check_restricted() || check_secure()))
--- 4697,4712 ----
      if (!have_wildcard(num_pat, pat))
  return save_patterns(num_pat, pat, num_file, file);
 
+ # ifdef HAVE_SANDBOX
+     /* Don't allow any shell command in the sandbox. */
+     if (sandbox != 0 && check_secure())
+ return FAIL;
+ # endif
+
      /*
       * Don't allow the use of backticks in secure and restricted mode.
       */
!     if (secure || restricted)
  for (i = 0; i < num_pat; ++i)
     if (vim_strchr(pat[i], '`') != NULL
     && (check_restricted() || check_secure()))
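Review bot: In the added `# ifdef HAVE_SANDBOX` block, the early `return FAIL` sits after the `have_wildcard()` shortcut, so in the sandbox it refuses every pattern that contains a wildcard, not only those with a backtick. That is broader than what the backtick loop below it covers, and the one-line comment should say so, so that sandboxed callers of expand() know that wildcard expansion fails outright on Unix. The return also depends on the value `check_secure()` gives back; if the refusal is meant to be unconditional whenever `sandbox != 0`, call `check_secure()` for its message and return FAIL regardless of its result.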
*** ../vim-6.3.081/src/version.c Tue Jul 19 22:31:54 2005
--- src/version.c Wed Jul 20 11:03:50 2005
***************
*** 643,644 ****
--- 643,646 ----
  {   /* Add new patch number below this line */
+ /**/
+     82,
  /**/

--
No letters of the alphabet were harmed in the creation of this message.

 /// Bram Moolenaar -- [hidden email] -- http://www.Moolenaar.net   \\\
///        Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\              Project leader for A-A-P -- http://www.A-A-P.org        ///
 \\\     Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html   ///
ANN: W32 executables

A.J.Mechelynck
----- Original Message -----
From: "Bram Moolenaar" <[hidden email]>
To: <[hidden email]>
Sent: Wednesday, July 20, 2005 11:35 AM
Subject: Patch 6.3.082


>
> Patch 6.3.082 (after 6.3.081)
> Problem:    Unix: expand() may execute a shell command when it's not
> wanted.
>            (Georgi Guninski)
> Solution:   A more generic solution than 6.3.081.
> Files:      src/os_unix.c

I suppose I needn't have, but you never know. I have applied the patch then
recompiled my W32 executables, just in case: see
http://users.skynet.be/antoine.mechelynck/vim/#ajm

There is a typo in the last line of the new
http://ftp.vim.org/pub/vim/patches/README where it says that patch 6.3.082
comes after itself.

I have also compiled the latest 7.00aa snapshot (#0110), see
http://users.skynet.be/antoine.mechelynck/vim/#vim7

Please read the text *before* downloading, in both cases.


Happy Vimming!
Tony.