Commit: patch 9.2.0177: Vim9: Can set environment variables in restricted mode

Mon, 16 Mar 2026 14:32:02 -0700 

patch 9.2.0177: Vim9: Can set environment variables in restricted mode

Commit: 
https://github.com/vim/vim/commit/36d0022b3ba5210103f6ebea2ab53f29966399c4
Author: pyllyukko <[email protected]>
Date:   Mon Mar 16 21:19:08 2026 +0000

    patch 9.2.0177: Vim9: Can set environment variables in restricted mode
    
    Problem:  Vim9: Can set environment variables in restricted mode
    Solution: Disallow settings variables in exec_instructions() when in
              restricted mode (pyllyukko)
    
    related: #13394
    closes:  #19705
    
    Signed-off-by: pyllyukko <[email protected]>
    Signed-off-by: Christian Brabandt <[email protected]>

diff --git a/src/testdir/test_restricted.vim b/src/testdir/test_restricted.vim
index aa7dc857e..71a0515e9 100644
--- a/src/testdir/test_restricted.vim
+++ b/src/testdir/test_restricted.vim
@@ -138,4 +138,26 @@ func Test_restricted_diff()
   call delete('Xresult')
 endfunc
 
+func Test_restricted_vim9_env()
+  let lines =<< trim END
+      vim9script
+      def SetEnv()
+          $ENV = '123'
+      enddef
+      var result = 'okay'
+      try
+        SetEnv()
+      catch /^Vim\%((\S\+)\)\=:E145:/
+        result = 'not-allowed'
+      endtry
+      writefile([result], 'XResult_env')
+      qa!
+  END
+  call writefile(lines, 'Xrestrictedvim9', 'D')
+  if RunVim([], [], '-Z --clean -S Xrestrictedvim9')
+    call assert_equal(['not-allowed'], readfile('XResult_env'))
+  endif
+  call delete('XResult_env')
+endfunc
+
 " vim: shiftwidth=2 sts=2 expandtab
diff --git a/src/version.c b/src/version.c
index eff06e5c9..15d8a4d69 100644
--- a/src/version.c
+++ b/src/version.c
@@ -734,6 +734,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    177,
 /**/
     176,
 /**/
diff --git a/src/vim9execute.c b/src/vim9execute.c
index 76d160cd9..f7d0cc3c3 100644
--- a/src/vim9execute.c
+++ b/src/vim9execute.c
@@ -4458,6 +4458,8 @@ exec_instructions(ectx_T *ectx)
 
            // store $ENV
            case ISN_STOREENV:
+               if (check_restricted())
+                   goto theend;
                --ectx->ec_stack.ga_len;
                tv = STACK_TV_BOT(0);
                vim_setenv_ext(iptr->isn_arg.string, tv_get_string(tv));

-- 
-- 
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php

--- 
You received this message because you are subscribed to the Google Groups 
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion visit 
https://groups.google.com/d/msgid/vim_dev/E1w2FVj-008uCg-3i%40256bit.org.

Raspunde prin e-mail lui