mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-09-11 22:08:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:8.1.0881: can execute shell commands in rvim through interfaces

Browse Source 
Problem:    Can execute shell commands in rvim through interfaces.
Solution:   Disable using interfaces in restricted mode. Allow for writing
            file with writefile(), histadd() and a few others.
8c62a08faf
This commit is contained in:
Jan Edmund Lazo
2020-02-24 20:33:43 -05:00
parent 3618fe9e8c
commit d846f47cc8
5 changed files with 134 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/nvim/eval/funcs.c
View File

@@ -4317,7 +4317,7 @@ static void f_histadd(typval_T *argvars, typval_T *rettv, FunPtr fptr)
HistoryType histype;
rettv->vval.v_number = false;
if (check_restricted() || check_secure()) {
if (check_secure()) {
return;
}
const char *str = tv_get_string_chk(&argvars[0]); // NULL on type error
@@ -7779,8 +7779,7 @@ static void f_setbufline(typval_T *argvars, typval_T *rettv, FunPtr fptr)
*/
static void f_setbufvar(typval_T *argvars, typval_T *rettv, FunPtr fptr)
{
if (check_restricted()
|| check_secure()
if (check_secure()
|| !tv_check_str_or_nr(&argvars[0])) {
return;
}
@@ -8284,7 +8283,7 @@ static void f_settabvar(typval_T *argvars, typval_T *rettv, FunPtr fptr)
{
rettv->vval.v_number = 0;
if (check_restricted() || check_secure()) {
if (check_secure()) {
return;
}
@@ -11005,7 +11004,7 @@ static void f_writefile(typval_T *argvars, typval_T *rettv, FunPtr fptr)
{
rettv->vval.v_number = -1;
if (check_restricted() || check_secure()) {
if (check_secure()) {
return;
}