Re: Patch 8.1.0881

Marius Gedminas Fri, 08 Feb 2019 06:42:00 -0800

On Fri, Feb 08, 2019 at 02:34:26PM +0100, Bram Moolenaar wrote:
> Patch 8.1.0881
> Problem:    Can execute shell commands in rvim through interfaces.
> Solution:   Disable using interfaces in restricted mode. Allow for writing
>             file with writefile(), histadd() and a few others.
> Files:            runtime/doc/starting.txt, src/if_perl.xs, src/if_cmds.h,
>             src/ex_cmds.c, src/ex_docmd.c, src/evalfunc.c,
>             src/testdir/test_restricted.vim, src/testdir/Make_all.mak
> 
>


> *** ../vim-8.1.0880/src/ex_docmd.c    2019-01-31 18:26:05.734803539 +0100
> --- src/ex_docmd.c    2019-02-08 13:21:20.959437381 +0100
> ***************
> *** 2007,2017 ****
>   #ifdef HAVE_SANDBOX
>       if (sandbox != 0 && !(ea.argt & SBOXOK))
>       {
> !         /* Command not allowed in sandbox. */
>           errormsg = _(e_sandbox);
>           goto doend;
>       }
>   #endif
>       if (!curbuf->b_p_ma && (ea.argt & MODIFY))
>       {
>           /* Command not allowed in non-'modifiable' buffer */
> --- 2007,2022 ----
>   #ifdef HAVE_SANDBOX
>       if (sandbox != 0 && !(ea.argt & SBOXOK))
>       {
> !         // Command not allowed in sandbox.
>           errormsg = _(e_sandbox);
>           goto doend;
>       }
>   #endif
> +     if (restricted != 0 && (ea.argt & RESTRICT))
> +     {
> +         errormsg = _("E981: Command not allowed in rvim");
> +         goto doend;
> +     }
>       if (!curbuf->b_p_ma && (ea.argt & MODIFY))
>       {
>           /* Command not allowed in non-'modifiable' buffer */

This causes a build failure:

ex_docmd.c: In function ‘do_one_cmd’:
ex_docmd.c:2015:36: error: ‘RESTRICT’ undeclared (first use in this function); 
did you mean ‘RE_STRICT’?
  if (restricted != 0 && (ea.argt & RESTRICT))
                                    ^~~~~~~~
                                    RE_STRICT
ex_docmd.c:2015:36: note: each undeclared identifier is reported only once for 
each function it appears in
make[1]: *** [Makefile:2988: objects/ex_docmd.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/mg/src/vim/src'
make: *** [Makefile:29: first] Error 2


git grep -w RESTRICT finds no other mentions of this name in the vim
codebase.

Marius Gedminas
-- 
The C language does not lend itself to providing all three of "safe," "simple,"
and "fast" in the same package.
        -- Jonathan Corbet

-- 
-- 
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php

--- 
You received this message because you are subscribed to the Google Groups 
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to vim_dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

signature.asc
Description: PGP signature

Re: Patch 8.1.0881

Raspunde prin e-mail lui