Macro cleanup: HAVE_SANDBOX

committed by
Justin M. Keyes

parent
0dd1ad0760
commit
357583ff8c
@@ -268,13 +268,11 @@ edit (
|
|||||||
// set Insstart_orig to Insstart
|
// set Insstart_orig to Insstart
|
||||||
update_Insstart_orig = true;
|
update_Insstart_orig = true;
|
||||||
|
|
||||||
#ifdef HAVE_SANDBOX
|
// Don't allow inserting in the sandbox.
|
||||||
/* Don't allow inserting in the sandbox. */
|
|
||||||
if (sandbox != 0) {
|
if (sandbox != 0) {
|
||||||
EMSG(_(e_sandbox));
|
EMSG(_(e_sandbox));
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
/* Don't allow changes in the buffer while editing the cmdline. The
|
/* Don't allow changes in the buffer while editing the cmdline. The
|
||||||
* caller of getcmdline() may get confused. */
|
* caller of getcmdline() may get confused. */
|
||||||
if (textlock != 0) {
|
if (textlock != 0) {
|
||||||
|
@@ -3396,16 +3396,13 @@ int check_secure(void)
|
|||||||
EMSG(_(e_curdir));
|
EMSG(_(e_curdir));
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
/*
|
// In the sandbox more things are not allowed, including the things
|
||||||
* In the sandbox more things are not allowed, including the things
|
// disallowed in secure mode.
|
||||||
* disallowed in secure mode.
|
|
||||||
*/
|
|
||||||
if (sandbox != 0) {
|
if (sandbox != 0) {
|
||||||
EMSG(_(e_sandbox));
|
EMSG(_(e_sandbox));
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@@ -1093,9 +1093,7 @@ static char_u * do_one_cmd(char_u **cmdlinep,
|
|||||||
int save_msg_scroll = msg_scroll;
|
int save_msg_scroll = msg_scroll;
|
||||||
int save_msg_silent = -1;
|
int save_msg_silent = -1;
|
||||||
int did_esilent = 0;
|
int did_esilent = 0;
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
int did_sandbox = FALSE;
|
int did_sandbox = FALSE;
|
||||||
#endif
|
|
||||||
cmdmod_T save_cmdmod;
|
cmdmod_T save_cmdmod;
|
||||||
int ni; /* set when Not Implemented */
|
int ni; /* set when Not Implemented */
|
||||||
|
|
||||||
@@ -1240,11 +1238,9 @@ static char_u * do_one_cmd(char_u **cmdlinep,
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
case 's': if (checkforcmd(&ea.cmd, "sandbox", 3)) {
|
case 's': if (checkforcmd(&ea.cmd, "sandbox", 3)) {
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
if (!did_sandbox)
|
if (!did_sandbox)
|
||||||
++sandbox;
|
++sandbox;
|
||||||
did_sandbox = TRUE;
|
did_sandbox = TRUE;
|
||||||
#endif
|
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (!checkforcmd(&ea.cmd, "silent", 3))
|
if (!checkforcmd(&ea.cmd, "silent", 3))
|
||||||
@@ -1509,13 +1505,11 @@ static char_u * do_one_cmd(char_u **cmdlinep,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!ea.skip) {
|
if (!ea.skip) {
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
if (sandbox != 0 && !(ea.argt & SBOXOK)) {
|
if (sandbox != 0 && !(ea.argt & SBOXOK)) {
|
||||||
/* Command not allowed in sandbox. */
|
/* Command not allowed in sandbox. */
|
||||||
errormsg = (char_u *)_(e_sandbox);
|
errormsg = (char_u *)_(e_sandbox);
|
||||||
goto doend;
|
goto doend;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
if (!curbuf->b_p_ma && (ea.argt & MODIFY)) {
|
if (!curbuf->b_p_ma && (ea.argt & MODIFY)) {
|
||||||
/* Command not allowed in non-'modifiable' buffer */
|
/* Command not allowed in non-'modifiable' buffer */
|
||||||
errormsg = (char_u *)_(e_modifiable);
|
errormsg = (char_u *)_(e_modifiable);
|
||||||
@@ -1983,10 +1977,8 @@ doend:
|
|||||||
msg_col = 0;
|
msg_col = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
if (did_sandbox)
|
if (did_sandbox)
|
||||||
--sandbox;
|
--sandbox;
|
||||||
#endif
|
|
||||||
|
|
||||||
if (ea.nextcmd && *ea.nextcmd == NUL) /* not really a next command */
|
if (ea.nextcmd && *ea.nextcmd == NUL) /* not really a next command */
|
||||||
ea.nextcmd = NULL;
|
ea.nextcmd = NULL;
|
||||||
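Review bot: The sandbox counter in do_one_cmd() is still adjusted by unbraced one-line ifs, `if (!did_sandbox)` / `++sandbox;` in the modifier switch and `if (did_sandbox)` / `--sandbox;` after `doend:`, while other hunks in this commit gain braces on the lines they touch. These two statements must stay paired for the sandbox to be left again, so I would brace them now: `if (!did_sandbox) { ++sandbox; }` and `if (did_sandbox) { --sandbox; }`. The function body runs well outside these hunks, so whether every exit taken after the increment passes through `doend:` cannot be confirmed from here and is worth a quick check.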
|
@@ -622,7 +622,6 @@ EXTERN int allbuf_lock INIT(= 0);
|
|||||||
* changed, no buffer can be deleted and
|
* changed, no buffer can be deleted and
|
||||||
* current directory can't be changed.
|
* current directory can't be changed.
|
||||||
* Used for SwapExists et al. */
|
* Used for SwapExists et al. */
|
||||||
# define HAVE_SANDBOX
|
|
||||||
EXTERN int sandbox INIT(= 0);
|
EXTERN int sandbox INIT(= 0);
|
||||||
/* Non-zero when evaluating an expression in a
|
/* Non-zero when evaluating an expression in a
|
||||||
* "sandbox". Several things are not allowed
|
* "sandbox". Several things are not allowed
|
||||||
@@ -1180,9 +1179,7 @@ EXTERN char_u e_readonlyvar[] INIT(= N_(
|
|||||||
EXTERN char_u e_readonlysbx[] INIT(= N_(
|
EXTERN char_u e_readonlysbx[] INIT(= N_(
|
||||||
"E794: Cannot set variable in the sandbox: \"%s\""));
|
"E794: Cannot set variable in the sandbox: \"%s\""));
|
||||||
EXTERN char_u e_readerrf[] INIT(= N_("E47: Error while reading errorfile"));
|
EXTERN char_u e_readerrf[] INIT(= N_("E47: Error while reading errorfile"));
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
EXTERN char_u e_sandbox[] INIT(= N_("E48: Not allowed in sandbox"));
|
EXTERN char_u e_sandbox[] INIT(= N_("E48: Not allowed in sandbox"));
|
||||||
#endif
|
|
||||||
EXTERN char_u e_secure[] INIT(= N_("E523: Not allowed here"));
|
EXTERN char_u e_secure[] INIT(= N_("E523: Not allowed here"));
|
||||||
EXTERN char_u e_screenmode[] INIT(= N_(
|
EXTERN char_u e_screenmode[] INIT(= N_(
|
||||||
"E359: Screen mode setting not supported"));
|
"E359: Screen mode setting not supported"));
|
||||||
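Review bot: Dropping `# define HAVE_SANDBOX` means any `#ifdef HAVE_SANDBOX` guard this commit did not touch would now compile its sandbox check out without a warning, which fails open. Only the guards shown on this page are visibly removed, so a tree-wide search for the macro name should be part of this change. The `e_sandbox` declaration in the second hunk is correctly made unconditional, since all of its users now are.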
|
@@ -2525,13 +2525,11 @@ do_set (
|
|||||||
goto skip;
|
goto skip;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
/* Disallow changing some options in the sandbox */
|
/* Disallow changing some options in the sandbox */
|
||||||
if (sandbox != 0 && (flags & P_SECURE)) {
|
if (sandbox != 0 && (flags & P_SECURE)) {
|
||||||
errmsg = (char_u *)_(e_sandbox);
|
errmsg = (char_u *)_(e_sandbox);
|
||||||
goto skip;
|
goto skip;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
if (vim_strchr((char_u *)"?=:!&<", nextchar) != NULL) {
|
if (vim_strchr((char_u *)"?=:!&<", nextchar) != NULL) {
|
||||||
arg += len;
|
arg += len;
|
||||||
@@ -3066,9 +3064,7 @@ did_set_option (
|
|||||||
* flag. */
|
* flag. */
|
||||||
uint32_t *p = insecure_flag(opt_idx, opt_flags);
|
uint32_t *p = insecure_flag(opt_idx, opt_flags);
|
||||||
if (secure
|
if (secure
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
|| sandbox != 0
|
|| sandbox != 0
|
||||||
#endif
|
|
||||||
|| (opt_flags & OPT_MODELINE))
|
|| (opt_flags & OPT_MODELINE))
|
||||||
*p = *p | P_INSECURE;
|
*p = *p | P_INSECURE;
|
||||||
else if (new_value)
|
else if (new_value)
|
||||||
@@ -3577,11 +3573,8 @@ did_set_string_option (
|
|||||||
gvarp = (char_u **)get_varp_scope(&(options[opt_idx]), OPT_GLOBAL);
|
gvarp = (char_u **)get_varp_scope(&(options[opt_idx]), OPT_GLOBAL);
|
||||||
|
|
||||||
/* Disallow changing some options from secure mode */
|
/* Disallow changing some options from secure mode */
|
||||||
if ((secure
|
if ((secure || sandbox != 0)
|
||||||
#ifdef HAVE_SANDBOX
|
&& (options[opt_idx].flags & P_SECURE)) {
|
||||||
|| sandbox != 0
|
|
||||||
#endif
|
|
||||||
) && (options[opt_idx].flags & P_SECURE)) {
|
|
||||||
errmsg = e_secure;
|
errmsg = e_secure;
|
||||||
}
|
}
|
||||||
/* Check for a "normal" file name in some options. Disallow a path
|
/* Check for a "normal" file name in some options. Disallow a path
|
||||||
@@ -4697,12 +4690,10 @@ set_bool_option (
|
|||||||
int old_value = *(int *)varp;
|
int old_value = *(int *)varp;
|
||||||
|
|
||||||
/* Disallow changing some options from secure mode */
|
/* Disallow changing some options from secure mode */
|
||||||
if ((secure
|
if ((secure || sandbox != 0)
|
||||||
#ifdef HAVE_SANDBOX
|
&& (options[opt_idx].flags & P_SECURE)) {
|
||||||
|| sandbox != 0
|
|
||||||
#endif
|
|
||||||
) && (options[opt_idx].flags & P_SECURE))
|
|
||||||
return e_secure;
|
return e_secure;
|
||||||
|
}
|
||||||
|
|
||||||
*(int *)varp = value; /* set the new value */
|
*(int *)varp = value; /* set the new value */
|
||||||
/* Remember where the option was set. */
|
/* Remember where the option was set. */
|
||||||
@@ -5064,12 +5055,10 @@ set_num_option (
|
|||||||
long *pp = (long *)varp;
|
long *pp = (long *)varp;
|
||||||
|
|
||||||
/* Disallow changing some options from secure mode. */
|
/* Disallow changing some options from secure mode. */
|
||||||
if ((secure
|
if ((secure || sandbox != 0)
|
||||||
#ifdef HAVE_SANDBOX
|
&& (options[opt_idx].flags & P_SECURE)) {
|
||||||
|| sandbox != 0
|
|
||||||
#endif
|
|
||||||
) && (options[opt_idx].flags & P_SECURE))
|
|
||||||
return e_secure;
|
return e_secure;
|
||||||
|
}
|
||||||
|
|
||||||
*pp = value;
|
*pp = value;
|
||||||
/* Remember where the option was set. */
|
/* Remember where the option was set. */
|
||||||
@@ -5755,13 +5744,11 @@ set_option_value (
|
|||||||
EMSG2(_("E355: Unknown option: %s"), name);
|
EMSG2(_("E355: Unknown option: %s"), name);
|
||||||
else {
|
else {
|
||||||
uint32_t flags = options[opt_idx].flags;
|
uint32_t flags = options[opt_idx].flags;
|
||||||
#ifdef HAVE_SANDBOX
|
// Disallow changing some options in the sandbox
|
||||||
/* Disallow changing some options in the sandbox */
|
|
||||||
if (sandbox > 0 && (flags & P_SECURE)) {
|
if (sandbox > 0 && (flags & P_SECURE)) {
|
||||||
EMSG(_(e_sandbox));
|
EMSG(_(e_sandbox));
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
if (flags & P_STRING)
|
if (flags & P_STRING)
|
||||||
return set_string_option(opt_idx, string, opt_flags);
|
return set_string_option(opt_idx, string, opt_flags);
|
||||||
else {
|
else {
|
||||||
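Review bot: set_option_value() tests `sandbox > 0` while every other check made unconditional in this commit tests `sandbox != 0`. `sandbox` is a plain int that is incremented and decremented in pairs, so if an unbalanced decrement ever made it negative, this check would let a P_SECURE option through while the others still refuse; `if (sandbox != 0 && (flags & P_SECURE)) {` keeps them consistent. Separately, in did_set_string_option(), set_bool_option() and set_num_option() the condition is now `(secure || sandbox != 0)` but the comment still reads "from secure mode"; I would reword it to `// Disallow changing some options from secure mode or the sandbox.`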
|
@@ -317,11 +317,10 @@ int mch_expand_wildcards(int num_pat, char_u **pat, int *num_file,
|
|||||||
return OK;
|
return OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
# ifdef HAVE_SANDBOX
|
// Don't allow any shell command in the sandbox.
|
||||||
/* Don't allow any shell command in the sandbox. */
|
if (sandbox != 0 && check_secure()) {
|
||||||
if (sandbox != 0 && check_secure())
|
|
||||||
return FAIL;
|
return FAIL;
|
||||||
# endif
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Don't allow the use of backticks in secure and restricted mode.
|
* Don't allow the use of backticks in secure and restricted mode.
|
||||||
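Review bot: In `if (sandbox != 0 && check_secure()) {` the call to check_secure() is not really a second condition: per the check_secure() hunk in this commit it returns TRUE whenever `sandbox != 0`, so it appears to be called only to emit the error message. The start of check_secure() is outside that hunk, so this is inferred. I would say so in the comment, e.g. `// Don't allow any shell command in the sandbox; check_secure() emits the error.`, so nobody later drops the call as redundant or reads it as able to return FALSE here.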
|
@@ -2416,9 +2416,7 @@ jumpto_tag (
|
|||||||
|
|
||||||
save_secure = secure;
|
save_secure = secure;
|
||||||
secure = 1;
|
secure = 1;
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
++sandbox;
|
++sandbox;
|
||||||
#endif
|
|
||||||
save_magic = p_magic;
|
save_magic = p_magic;
|
||||||
p_magic = FALSE; /* always execute with 'nomagic' */
|
p_magic = FALSE; /* always execute with 'nomagic' */
|
||||||
/* Save value of no_hlsearch, jumping to a tag is not a real search */
|
/* Save value of no_hlsearch, jumping to a tag is not a real search */
|
||||||
@@ -2525,9 +2523,7 @@ jumpto_tag (
|
|||||||
wait_return(TRUE);
|
wait_return(TRUE);
|
||||||
secure = save_secure;
|
secure = save_secure;
|
||||||
p_magic = save_magic;
|
p_magic = save_magic;
|
||||||
#ifdef HAVE_SANDBOX
|
|
||||||
--sandbox;
|
--sandbox;
|
||||||
#endif
|
|
||||||
/* restore no_hlsearch when keeping the old search pattern */
|
/* restore no_hlsearch when keeping the old search pattern */
|
||||||
if (search_options) {
|
if (search_options) {
|
||||||
SET_NO_HLSEARCH(save_no_hlsearch);
|
SET_NO_HLSEARCH(save_no_hlsearch);
|
||||||
|
@@ -295,13 +295,11 @@ int undo_allowed(void)
|
|||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef HAVE_SANDBOX
|
// In the sandbox it's not allowed to change the text.
|
||||||
/* In the sandbox it's not allowed to change the text. */
|
|
||||||
if (sandbox != 0) {
|
if (sandbox != 0) {
|
||||||
EMSG(_(e_sandbox));
|
EMSG(_(e_sandbox));
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Don't allow changes in the buffer while editing the cmdline. The
|
/* Don't allow changes in the buffer while editing the cmdline. The
|
||||||
* caller of getcmdline() may get confused. */
|
* caller of getcmdline() may get confused. */
|
||||||
|