IntenseFinance/neovim
3
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-02-25 18:55:25 -06:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:8.1.0538: evaluating a modeline might invoke using a shell command

Browse Source 
Problem:    Evaluating a modeline might invoke using a shell command. (Paul
            Huber)
Solution:   Set the sandbox flag when setting options from a modeline.
5958f95a40
This commit is contained in:
Jan Edmund Lazo 2019-03-23 08:06:35 -04:00
parent 6b3775bbe2
commit ca71c82196
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/nvim/buffer.c
View File

@ -4943,7 +4943,12 @@ chk_modeline (
if (*s != NUL) { /* skip over an empty "::" */
save_SID = current_SID;
current_SID = SID_MODELINE;
// Make sure no risky things are executed as a side effect.
sandbox++;
retval = do_set(s, OPT_MODELINE | OPT_LOCAL | flags);
sandbox--;
current_SID = save_SID;
if (retval == FAIL) /* stop if error found */
break;