Commit 9e40ad02 authored by Björn Linse's avatar Björn Linse Committed by James McCoy

eval/api: don't allow the API to be called in the sandbox.

Identifying and maintaining a "secure" subset of the API would be too
much busywork. So just disable the entire thing.

(cherry picked from commit 413b313a)
Signed-off-by: James McCoy's avatarJames McCoy <jamessan@debian.org>
parent eb128961
......@@ -6516,6 +6516,10 @@ static void float_op_wrapper(typval_T *argvars, typval_T *rettv, FunPtr fptr)
static void api_wrapper(typval_T *argvars, typval_T *rettv, FunPtr fptr)
{
if (check_restricted() || check_secure()) {
return;
}
ApiDispatchWrapper fn = (ApiDispatchWrapper)fptr;
Array args = ARRAY_DICT_INIT;
......
......@@ -4,7 +4,8 @@ local lfs = require('lfs')
local neq, eq, command = helpers.neq, helpers.eq, helpers.command
local clear, curbufmeths = helpers.clear, helpers.curbufmeths
local exc_exec, expect, eval = helpers.exc_exec, helpers.expect, helpers.eval
local insert = helpers.insert
local insert, meth_pcall = helpers.insert, helpers.meth_pcall
local meths = helpers.meths
describe('api functions', function()
before_each(clear)
......@@ -145,4 +146,10 @@ describe('api functions', function()
]])
screen:detach()
end)
it('cannot be called from sandbox', function()
eq({false, 'Vim(call):E48: Not allowed in sandbox'},
meth_pcall(command, "sandbox call nvim_input('ievil')"))
eq({''}, meths.buf_get_lines(0, 0, -1, true))
end)
end)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment