vim-patch:8.1.0540: may evaluate insecure value when appending to option

Problem: May evaluate insecure value when appending to option. Solution: Set the secure flag when changing an option that was previously set insecurely. Also allow numbers for the characters from 'spelllang' that are used for LANG.vim. 247bb7e43b
2025-02-25 18:55:25 -06:00 · 2019-03-26 15:09:42 +02:00 · 2019-03-26 15:09:42 +02:00 · ebfff8e802
commit ebfff8e802
parent 5eaa455479
1 changed files with 34 additions and 8 deletions
--- a/src/nvim/option.c
+++ b/src/nvim/option.c
@ -1359,6 +1359,8 @@ do_set (
            && nextchar != NUL && !ascii_iswhite(afterchar))
          errmsg = e_trailing;
      } else {
+        int value_is_replaced = !prepending && !adding && !removing;
+
        if (flags & P_BOOL) {                       /* boolean */
          if (nextchar == '=' || nextchar == ':') {
            errmsg = e_invarg;
@ -1778,6 +1780,26 @@ do_set (
            // buffer is closed by autocommands.
            saved_newval = (newval != NULL) ? xstrdup((char *)newval) : 0;

+            {
+              unsigned int *p = insecure_flag(opt_idx, opt_flags);
+              int     did_inc_secure = FALSE;
+
+              // When an option is set in the sandbox, from a
+              // modeline or in secure mode, then deal with side
+              // effects in secure mode.  Also when the value was
+              // set with the P_INSECURE flag and is not
+              // completely replaced.
+              if (secure
+#ifdef HAVE_SANDBOX
+                      || sandbox != 0
+#endif
+                      || (opt_flags & OPT_MODELINE)
+                      || (!value_is_replaced && (*p & P_INSECURE)))
+              {
+                  did_inc_secure = TRUE;
+                  ++secure;
+              }
+
              // Handle side effects, and set the global value for
              // ":set" on local options. Note: when setting 'syntax'
              // or 'filetype' autocommands may be triggered that can
@ -1785,6 +1807,11 @@ do_set (
              errmsg = did_set_string_option(opt_idx, (char_u **)varp,
                  new_value_alloced, oldval, errbuf, opt_flags);

+              if (did_inc_secure) {
+                --secure;
+              }
+          }
+
            if (errmsg == NULL) {
              if (!starting) {
                trigger_optionsset_string(opt_idx, opt_flags, saved_origval,
@ -1810,8 +1837,7 @@ do_set (
        }

        if (opt_idx >= 0)
-          did_set_option(opt_idx, opt_flags,
-              !prepending && !adding && !removing);
+          did_set_option(opt_idx, opt_flags, value_is_replaced);
      }

 skip: