[people/arne_f/ipfire-3.x.git] / vim / patches / vim-7.3.070.patch0

To: vim_dev@googlegroups.com
Subject: Patch 7.3.070
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
------------

Patch 7.3.070
Problem:    Can set environment variables in the sandbox, could be abused.
Solution:   Disallow it.
Files:	    src/eval.c


*** ../vim-7.3.069/src/eval.c	2010-11-10 20:31:24.000000000 +0100
--- src/eval.c	2010-12-02 14:42:31.000000000 +0100
***************
*** 2326,2332 ****
  	    else if (endchars != NULL
  			     && vim_strchr(endchars, *skipwhite(arg)) == NULL)
  		EMSG(_(e_letunexp));
! 	    else
  	    {
  		c1 = name[len];
  		name[len] = NUL;
--- 2326,2332 ----
  	    else if (endchars != NULL
  			     && vim_strchr(endchars, *skipwhite(arg)) == NULL)
  		EMSG(_(e_letunexp));
! 	    else if (!check_secure())
  	    {
  		c1 = name[len];
  		name[len] = NUL;
*** ../vim-7.3.069/src/version.c	2010-11-24 18:48:08.000000000 +0100
--- src/version.c	2010-12-02 14:46:44.000000000 +0100
***************
*** 716,717 ****
--- 716,719 ----
  {   /* Add new patch number below this line */
+ /**/
+     70,
  /**/

-- 
The only way the average employee can speak to an executive is by taking a
second job as a golf caddie.
				(Scott Adams - The Dilbert principle)

 /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\  an exciting new programming language -- http://www.Zimbu.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///
Commit	Line	Data
17e7d110 SS	1	To: vim_dev@googlegroups.com
	2	Subject: Patch 7.3.070
	3	Fcc: outbox
	4	From: Bram Moolenaar <Bram@moolenaar.net>
	5	Mime-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8	------------
	9
	10	Patch 7.3.070
	11	Problem: Can set environment variables in the sandbox, could be abused.
	12	Solution: Disallow it.
	13	Files: src/eval.c
	14
	15
	16	*** ../vim-7.3.069/src/eval.c 2010-11-10 20:31:24.000000000 +0100
	17	--- src/eval.c 2010-12-02 14:42:31.000000000 +0100
	18	***************
	19	* 2326,2332 **
	20	else if (endchars != NULL
	21	&& vim_strchr(endchars, *skipwhite(arg)) == NULL)
	22	EMSG(_(e_letunexp));
	23	! else
	24	{
	25	c1 = name[len];
	26	name[len] = NUL;
	27	--- 2326,2332 ----
	28	else if (endchars != NULL
	29	&& vim_strchr(endchars, *skipwhite(arg)) == NULL)
	30	EMSG(_(e_letunexp));
	31	! else if (!check_secure())
	32	{
	33	c1 = name[len];
	34	name[len] = NUL;
	35	*** ../vim-7.3.069/src/version.c 2010-11-24 18:48:08.000000000 +0100
	36	--- src/version.c 2010-12-02 14:46:44.000000000 +0100
	37	***************
	38	* 716,717 **
	39	--- 716,719 ----
	40	{ /* Add new patch number below this line */
	41	+ /**/
	42	+ 70,
	43	/**/
	44
	45	--
	46	The only way the average employee can speak to an executive is by taking a
	47	second job as a golf caddie.
	48	(Scott Adams - The Dilbert principle)
	49
	50	/// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\
	51	/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
	52	\\\ an exciting new programming language -- http://www.Zimbu.org ///
	53	\\\ help me help AIDS victims -- http://ICCF-Holland.org ///