Commit 5c85e032 authored by Jan Edmund Lazo's avatar Jan Edmund Lazo Committed by James McCoy

vim-patch:8.1.0538: evaluating a modeline might invoke using a shell command

Problem:    Evaluating a modeline might invoke using a shell command. (Paul
            Huber)
Solution:   Set the sandbox flag when setting options from a modeline.
https://github.com/vim/vim/commit/5958f95a40a4a44bd9e7f3b7ec6554a6ef3e42ca

(cherry picked from commit fee1880e)
Signed-off-by: James McCoy's avatarJames McCoy <jamessan@debian.org>
parent a52200ce
......@@ -4925,7 +4925,12 @@ chk_modeline (
if (*s != NUL) { /* skip over an empty "::" */
save_SID = current_SID;
current_SID = SID_MODELINE;
// Make sure no risky things are executed as a side effect.
sandbox++;
retval = do_set(s, OPT_MODELINE | OPT_LOCAL | flags);
sandbox--;
current_SID = save_SID;
if (retval == FAIL) /* stop if error found */
break;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment