mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-09-27 13:38:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(runtime): do not allow breakcheck inside runtime path calculation

Browse Source 
problem: breakcheck might run arbitrary lua code, which might require
modules and thus invoke runtime path calculation recursively.
solution: Block the use of breakcheck when expanding glob patterns
inside 'runtimepath'

fixes #23012
This commit is contained in:
bfredl
2023-04-17 13:08:53 +02:00
parent 7bf1a917b7
commit aee6f08ce1
7 changed files with 26 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/nvim/runtime.c
View File

@@ -470,7 +470,8 @@ int do_in_cached_path(char *name, int flags, DoInRuntimepathCB callback, void *c
}
int ew_flags = ((flags & DIP_DIR) ? EW_DIR : EW_FILE)
| (flags & DIP_DIRFILE) ? (EW_DIR|EW_FILE) : 0;
| ((flags & DIP_DIRFILE) ? (EW_DIR|EW_FILE) : 0)
| EW_NOBREAK;
// Expand wildcards, invoke the callback for each match.
char *(pat[]) = { buf };
@@ -670,7 +671,7 @@ static void expand_rtp_entry(RuntimeSearchPath *search_path, Map(String, handle_
int num_files;
char **files;
char *(pat[]) = { entry };
if (gen_expand_wildcards(1, pat, &num_files, &files, EW_DIR) == OK) {
if (gen_expand_wildcards(1, pat, &num_files, &files, EW_DIR | EW_NOBREAK) == OK) {
for (int i = 0; i < num_files; i++) {
push_path(search_path, rtp_used, files[i], after);
}