mirror of
https://github.com/neovim/neovim.git
synced 2026-05-24 13:50:06 +00:00
61eddb3fe7
Problem: tests: no test for using shellescape() in combination with :!
Solution: Add a test that checks runtime files for using wrong
combination of shellescape() with ! ex command
This has lead to a few security relevant issues, so add a test that
checks all runtime files for any ! followed by a shellescape() that does
not use the {special} arg.
related: Commit: 3fb5e58fbc63d86a3e65f1a141b0d67af2 (patch 9.2.0479:
[security]: runtime(tar): command injection in tar plugin)
closes: vim/vim#20286
Supported by AI
fccc2adc98
Co-authored-by: Christian Brabandt <cb@256bit.org>
The autoload directory is for standard Vim autoload scripts. These are functions used by plugins and for general use. They will be loaded automatically when the function is invoked. See ":help autoload". gzip.vim for editing compressed files netrw*.vim browsing (remote) directories and editing remote files tar.vim browsing tar files zip.vim browsing zip files paste.vim common code for mswin.vim and menu.vim spellfile.vim downloading of a missing spell file Omni completion files: ccomplete.vim C csscomplete.vim HTML / CSS htmlcomplete.vim HTML javascriptcomplete.vim Javascript phpcomplete.vim PHP pythoncomplete.vim Python rubycomplete.vim Ruby syntaxcomplete.vim from syntax highlighting xmlcomplete.vim XML (uses files in the xml directory)