From 5ec772a6c389958cf831e5cf4ebe25aebb6b8d8e Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Wed, 22 May 2019 22:38:25 +0200
Subject: [PATCH] patch 8.1.1365: source command doesn't check for the sandbox
Problem: Source command doesn't check for the sandbox. (Armin Razmjou)
Solution: Check for the sandbox when sourcing a file.
---
src/getchar.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/getchar.c b/src/getchar.c
index 679eae1..8c4b2b4 100644
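--- a/src/getchar.c
+++ b/src/getchar.c
@@ -1433,6 +1433,12 @@ openscript(
 EMSG(_(e_nesting));
 return;
 }
+
+ // Disallow sourcing a file in the sandbox, the commands would be executed
+ // later, possibly outside of the sandbox.
+ if (check_secure())
+ return;
+
 #ifdef FEAT_EVAL
 if (ignore_script)
 /* Not reading from script, also don't open one. Warning message? */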
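Review bot: The new `check_secure()` guard in `openscript()` arrives without a regression test — the diffstat lists only src/getchar.c — so a later refactor could drop it unnoticed; a test that runs the source command under `:sandbox` and asserts that it fails would pin the behaviour. The comment also undersells the check: as far as I recall, `check_secure()` refuses in 'secure' mode as well as in the sandbox and gives the error message itself, which is why the bare `return` is enough; I would say so, e.g. `// check_secure() reports the error; also refuses when 'secure' is set`. `openscript()` begins and ends outside the hunk, so whether anything before the nesting check already has side effects cannot be judged from here.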
--
1.8.3.1